Page 2 of 5
Posted: Thu 28 Apr 2011, 11:50
by noryb009
Ok, you have all convinced me that running as root does not matter. As I said in the third post, "You may not want it, I might not want it, but some people do want it".
This is about adding a bit of security (some people feel it adds some, you have all proven them wrong) and giving *some* users what they want. Some people don't want to run as root. I don't see why we make them.
Posted: Thu 28 Apr 2011, 14:44
by rcrsn51
noryb009 wrote:I don't see why we make them.
Nobody is making anybody do anything. If someone doesn't want to run as root, they can get another Linux. It's as simple as that.
Or they can run their browser as non-root, if that makes them feel safer.
Posted: Thu 28 Apr 2011, 20:28
by Bruce B
rcrsn51 wrote:noryb009 wrote:I don't see why we make them.
Nobody is making anybody do anything. If someone doesn't want to run as root, they can get another Linux. It's as simple as that.
In any distro a person can damage or delete his user files.
In a frugal install, periodic backups of the pupsave file are recommend.
Deleting or damaging system files would be hard. If the user thinks he
deleted them, it is only a virtual delete and easy to get them back.
Conversely, with conventional type installs, the system files can be
compromised or deleted.
~
Posted: Thu 28 Apr 2011, 22:54
by noryb009
rcrsn51 wrote:noryb009 wrote:I don't see why we make them.
Nobody is making anybody do anything. If someone doesn't want to run as root, they can get another Linux. It's as simple as that.
This is one thing about linux - specialty. Puppy is one of the best supporters of old hardware, but it doesn't have user support. Debian has user support, but it only releases once every few years. Red Hat has tons of support, but it costs a yearly fee to use. The Canterbury Project was a step forward - and it was an April Fools joke!
rcrsn51 wrote:Or they can run their browser as non-root, if that makes them feel safer.
And the number of people who know this, without spending hours on this forum?
Posted: Fri 29 Apr 2011, 08:29
by Bruce B
noryb009 wrote:And the number of people who know this [spot], without spending hours on this forum?
I've not heard Windows users complain about running as a privileged user.
The Linux command
adduser is
fundamental. Spot is
incidental. If you didn't
know about
adduser, why not? Or maybe better asked, who's responsible?
~
Posted: Fri 29 Apr 2011, 16:58
by mickee
Bruce B wrote:noryb009 wrote:And the number of people who know this [spot], without spending hours on this forum?
I've not heard Windows users complain about running as a privileged user.
Exactly, for Pre Vista. On my Win 7 box, I run as a Standard User, and have my admin account when I need it. Being Windows, I find a (false) sense of security, in believing that things won't get by UAC or my eyes... but you know what? The nasties still get on my PC on rare occasions. I feel quite safe using puppy as root, and I do have browsesafe I use when I know I am going on a suspicious site.
Posted: Fri 29 Apr 2011, 19:18
by noryb009
Bruce B wrote:noryb009 wrote:And the number of people who know this [spot], without spending hours on this forum?
I've not heard Windows users complain about running as a privileged user.
The Linux command
adduser is
fundamental. Spot is
incidental. If you didn't
know about
adduser, why not? Or maybe better asked, who's responsible?
I've heard Linux users complain about running as a privileged user.
Of course, the new user who has never used linux before is to blame! How dare they use linux without knowing all the commands, syntax for the commands, and assembler?
Posted: Fri 29 Apr 2011, 21:20
by Bernie_by_the_Sea
noryb009 wrote:
Of course, the new user who has never used linux before is to blame! How dare they use linux without knowing all the commands, syntax for the commands, and assembler?
A person really should know the basic commands and the syntax for those commands (but not assembler) before using
any operating system. When my wife finally got her own computer rather than sharing mine the first thing she did was buy a copy of Windows XP for Dummies and read it cover to cover. She learned some things I didn’t know after using Windows since 3.1. Anyone new to Linux should get something like
Running Linux,
Linux Pocket Guide or
Linux for Dummies and read it cover to cover. If she doesn’t she will remain a Dummy.
Although this forum treats Dummies well what it ends up with are Dummies who only know how to follow recipes -- follow steps 1, 2, 3 and 4 to accomplish A or do this and this and this to make your system do B. These Dummies then think they know how to do something in Puppy or worse yet in Linux and they’ll try it on a friend’s computer and destroy it because all they know is a recipe that works only on their own machine and their own software version.
Posted: Fri 29 Apr 2011, 21:25
by nooby
Although this forum treats Dummies well what it ends up with are Dummies who only know how to follow recipes -- follow steps 1, 2, 3 and 4 to accomplish A or do this and this and this to make your system do B.
These Dummies then think they know how to do something in Puppy or worse yet in Linux and they’ll try it on a friend’s computer and destroy it because all they know is a recipe that works only on their own machine and their own software version.
Bernie is right on!
Posted: Fri 29 Apr 2011, 22:56
by mickee
Bernie_by_the_Sea wrote:
Although this forum treats Dummies well what it ends up with are Dummies who only know how to follow recipes -- follow steps 1, 2, 3 and 4 to accomplish A or do this and this and this to make your system do B. These Dummies then think they know how to do something in Puppy or worse yet in Linux and they’ll try it on a friend’s computer and destroy it because all they know is a recipe that works only on their own machine and their own software version.
Guilty. (of being a Linux/Puppy dummy
)
Posted: Sat 30 Apr 2011, 02:38
by Lobster
Posted: Sat 30 Apr 2011, 12:02
by noryb009
Posted: Sat 30 Apr 2011, 14:56
by Bernie_by_the_Sea
Okay, to avoid letting Fido in the house we could try cleaning up spot.
Barry wants the "browser working perfectly in every respect. That would include GTK themes, SSL, font rendering, etc. Plus, a mechanism for downloading files outside of /root/spot is needed." He also wants "drag-and-drop browser to the desktop and other rox windows."
My spot browser system (that is a total of 26 bytes) works with drag-and-drop. I just copied it from /root/ to /usr/share and I can drag it to the desktop. My SeaMonkey fonts in spot look fine. How is font rendering tested? Mine is not using my GTK theme -- I'll look at that. SSL? How is this tested? SSL for what? Internet banking? Web hosting? Privacy? Security? Downloads outside of /root/spot? It looks like that might cancel browser-in-spot security.
^
Posted: Sat 30 Apr 2011, 15:45
by jpeps
Bernie_by_the_Sea wrote:Okay, to avoid letting Fido in the house we could try cleaning up spot.
Barry wants the "browser working perfectly in every respect. That would include GTK themes, SSL, font rendering, etc. Plus, a mechanism for downloading files outside of /root/spot is needed." He also wants "drag-and-drop browser to the desktop and other rox windows."
My spot browser system (that is a total of 26 bytes) works with drag-and-drag. I just copied it from /root/ to /usr/share and I can drag it to the desktop. My SeaMonkey fonts in spot look fine. How is font rendering tested? Mine is not using my GTK theme -- I'll look at that. SSL? How is this tested? SSL for what? Internet banking? Web hosting? Privacy? Security? Downloads outside of /root/spot? It looks like that might cancel browser-in-spot security.
I think gmail uses SSL; it will probably work in Spot. Fonts generally get installed to /usr/share/fonts, so will need permissions. I use msttcorefonts, so would have to place them somewhere else to work with SPOT.
Posted: Sat 30 Apr 2011, 16:14
by rcrsn51
jpeps wrote:Fonts generally get installed to /usr/share/fonts, so will need permissions. I use msttcorefonts, so would have to place them somewhere else to work with SPOT.
You shouldn't need write permission to use a font. Spot should still have read permission on places like /usr/share/fonts.
Posted: Sat 30 Apr 2011, 17:08
by jpeps
rcrsn51 wrote:jpeps wrote:Fonts generally get installed to /usr/share/fonts, so will need permissions. I use msttcorefonts, so would have to place them somewhere else to work with SPOT.
You shouldn't need write permission to use a font. Spot should still have read permission on places like /usr/share/fonts.
You're right, they're available. They didn't initially show up because my setting are in /root
run puppy as spot
Posted: Sat 30 Apr 2011, 18:39
by L18L
Browsing as root
and spot will confuse everybody
Downloads
The only change in our behaviour is that installing directly from browser will not work for spot. It is just 1 click more if Downloads is opened in rox.
But the entire discussion is for safety of especially new users (and reviewers' opinions about puppy)
So
- browsing as root should become not possible anymore.
- /root/Downloads will be owned by spot
- changes in browser configuration: no open as petget
- offering only directories writeable by spot
HTTPS
no problem, I have already inspected my banking account as user spot
Drag and Drop no problem to drag text from browser to root's console or geany
So I am very con
fidont
Posted: Sat 30 Apr 2011, 20:30
by rcrsn51
In Quirky 1.3 and Wary 5.11, sound doesn't work in Spot. You can fix it by increasing permissions
L18L wrote:browsing as root should become not possible anymore.
So what happens to a user with a frugal install inside a Windows partition whose savefile isn't big enough to hold a download?
Posted: Sat 30 Apr 2011, 23:10
by Bruce B
rcrsn51 wrote:So what happens to a user with a frugal install inside a Windows partition whose savefile isn't big enough to hold a download?
Does Windows understand Linux permissions?
On a Linux partition, I made a download directory, outside pupsave, with spot as
the owner. Spot can read and write to this directory.
Then of course that directory is spot's default download directory. To keep
things more orderly, spot can make subdirectories within it, before committing the download.
~
Posted: Sat 30 Apr 2011, 23:33
by rcrsn51
Does Windows understand Linux permissions?
That's the point. Forcing users to browse as Spot means that they can only download into a Linux partition.
