What makes Linux safer than Windows?

For discussions about security.
Message
Author
User avatar
Pizzasgood
Posts: 6183
Joined: Wed 04 May 2005, 20:28
Location: Knoxville, TN, USA

#91 Post by Pizzasgood »

musher0 wrote:Sorry if I got your goat, such was not my intention. I was just trying to point our a common shortcoming and / or attitude that prevents Linux from being more widely used.

First time I heard of your info. Not that I doubt your word, but please provide references outside Puppy that detail this. I suppose you could not explain more here in this thread / context.

> Nobody forces you to be a limited user.

Well, if the info is NOT readily available, even if it exists, the result is the same: I am forced to log in as a "limited" user.
No worries.

I still don't know what you're talking about though.

When you install a distro, you are root. You have to actually create a limited user to use. One of the steps in the installation is usually to set a root password, unless it comes preset (in which case it should be easily found on the website for the distro).

From what I understand things are a bit different in Ubuntu-land. I've never used it. But all the other distros I've used beside Puppy (ZipSlack, Vector, RedHat, Gentoo, Arch) all start you off as root.

Disregarding Ubuntu, there is no special information needed. You just put "root" as the login name, and type the root password as the password. That's it.


I don't know what specifically you want non-Puppy references to. Here is one from a Red Hat installation guide, about the setting the root user step.
http://linux.about.com/library/bl/dist/ ... st3.25.htm

RetroTechGuy wrote:If this is truly the concern, then you need to deny those users physical access to the machine.
Yes yes yes, I know all that. In fact, I said as much in this thread already. I'm not talking about security against people who know what they're doing. The opposite. I'm talking about security from the people who don't know what they are doing. They aren't malevolent, they just accidentally typed /* when they meant *. Or maybe they were trying to create a filesystem image with dd and got their parameters wrong. Or maybe they thought it would be a good idea to try upgrading glibc because some program they were trying to use was complaining.

Yeah, you can restore from backup. But why should you have to in the first place? Does that person need to have the ability to screw up the computer, thereby wasting your time and potentially losing some of your most recent data?

Ideally everybody has their own machine. Then they can be root all they want without bothering anybody else if they break it. But if you have to share a computer, it's better to not have to worry as much about needing to fix it whenever they screw it up.



Look, nobody needs to argue the benefits of being root to me. I know them. I've been using Puppy as my main OS since version 0.9.8, and have made those same arguments plenty of times to the people who occasionally show up and start trying to raise a huff about how absurd it is to be root. And I still believe them! It is correct for Puppy to be root by default.

I'm not asking for that to change.

All I'm advocating is the option to not be root, for those occasional situations where it is needed. It would still boot as root by default. There would just be a menu entry or an option in a configuration wizard that lets you toggle the autologinroot thing, so that if you want to have a login prompt you can have one. And there would be a menu entry for adding new users. None of this would be forced on anybody. People who don't care would just keep doing things the way they are.
[size=75]Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib[/size]
[img]http://www.browserloadofcoolness.com/sig.png[/img]

User avatar
racepres
Posts: 529
Joined: Sat 17 Jan 2009, 02:48
Location: Central Michigan, US
Contact:

#92 Post by racepres »

Pizzasgood wrote:
All I'm advocating is the option to not be root, for those occasional situations where it is needed. It would still boot as root by default. There would just be a menu entry or an option in a configuration wizard that lets you toggle the autologinroot thing, so that if you want to have a login prompt you can have one. And there would be a menu entry for adding new users. None of this would be forced on anybody. People who don't care would just keep doing things the way they are.
Kinda like Mac OSX! If you want to have to "logon" with a password even, then that option is available... windoze also for that matter, I think. Even have the option to allow/disallow, adminstrative privileges.
Not a terrible idea!!
I don't need it personally, but the "bitter half" has that on her Mac, cause she has extremely sensitive info that belongs to other people on her machine!
Conclusion... I agree
Choice is always a good thing!
RP

User avatar
RetroTechGuy
Posts: 2947
Joined: Tue 15 Dec 2009, 17:20
Location: USA

#93 Post by RetroTechGuy »

Pizzasgood wrote:From what I understand things are a bit different in Ubuntu-land. I've never used it. But all the other distros I've used beside Puppy (ZipSlack, Vector, RedHat, Gentoo, Arch) all start you off as root.
Debian actually starts you off as root (and asks for a password), and before it has finished the setup, it also asks you to create a primary user (at the moment, I don't recall if it continues to prompt you to add further users, until you tell it to quit).
RetroTechGuy wrote:If this is truly the concern, then you need to deny those users physical access to the machine.
Yes yes yes, I know all that. In fact, I said as much in this thread already. I'm not talking about security against people who know what they're doing. The opposite. I'm talking about security from the people who don't know what they are doing. They aren't malevolent, they just accidentally typed /* when they meant *. Or maybe they were trying to create a filesystem image with dd and got their parameters wrong. Or maybe they thought it would be a good idea to try upgrading glibc because some program they were trying to use was complaining.

Yeah, you can restore from backup. But why should you have to in the first place?
That's where the "good solid thrashing" comes in... ;)

But let's look at those examples. "glibc" would trash their own pupsave. A command like "rm -rf /*" would only be able to hit the external HDD, if it were mounted - perhaps a good reason for them to have their own partition, so /mnt/home/ can't accidentally access other pupsaves. Or they supply their own flash drive.

And if they are truly that inexperienced, they should not be using "dd".
Ideally everybody has their own machine. Then they can be root all they want without bothering anybody else if they break it. But if you have to share a computer, it's better to not have to worry as much about needing to fix it whenever they screw it up.
A flash drive would create that environment. Everyone has their own "machine" (OS, that is).
Look, nobody needs to argue the benefits of being root to me. I know them.
I'm actually not arguing for or against. I'm just noting that it's not terribly painful to work around the current implementation, of root only.

I think there are bigger fish to fry (like the unclean umount issue, which has been around for a while).

User avatar
Pizzasgood
Posts: 6183
Joined: Wed 04 May 2005, 20:28
Location: Knoxville, TN, USA

#94 Post by Pizzasgood »

I'm actually not arguing for or against. I'm just noting that it's not terribly painful to work around the current implementation, of root only.

I think there are bigger fish to fry (like the unclean umount issue, which has been around for a while).
Okay. Though technically, this no proper multiuser issue has been around at least as long. ;)

But yeah, that's about the only valid argument against it that I can see. Fish need frying.

But let's look at those examples. "glibc" would trash their own pupsave.
Yes. Apparently I forgot what I was trying to accidentally break. Old age is depressing (I turned 10110 last week.)
[size=75]Between depriving a man of one hour from his life and depriving him of his life there exists only a difference of degree. --Muad'Dib[/size]
[img]http://www.browserloadofcoolness.com/sig.png[/img]

User avatar
racepres
Posts: 529
Joined: Sat 17 Jan 2009, 02:48
Location: Central Michigan, US
Contact:

#95 Post by racepres »

Pizzasgood wrote:Old age is depressing (I turned 10110 last week.)
Been awhile since I "fatfingered" into a UYK-20!
But that seems to be only 42!! Correct me if I'm wrong!
Give it another 10-12 yrs.. It gets worser...
RP

User avatar
RetroTechGuy
Posts: 2947
Joined: Tue 15 Dec 2009, 17:20
Location: USA

#96 Post by RetroTechGuy »

racepres wrote:
Pizzasgood wrote:Old age is depressing (I turned 10110 last week.)
Been awhile since I "fatfingered" into a UYK-20!
But that seems to be only 42!! Correct me if I'm wrong!
Give it another 10-12 yrs.. It gets worser...
RP
42 might be the correct answer, but Pizza indicated 22... ;)

I wondered if he had dropped a prefix "1", or a trailing "0". BTW, I'm sitting at 110010 myself. Though I'd much prefer to be in hex, instead... :lol:

User avatar
racepres
Posts: 529
Joined: Sat 17 Jan 2009, 02:48
Location: Central Michigan, US
Contact:

#97 Post by racepres »

RetroTechGuy wrote: 42 might be the correct answer, but Pizza indicated 22... ;)

I wondered if he had dropped a prefix "1", or a trailing "0". BTW, I'm sitting at 110010 myself. Though I'd much prefer to be in hex, instead... :lol:
Got me... I got in a hurry! Told ya it'd been a long time!
If pizzasgood is 22 then you are 50 and I am ...110110. And in Hex...=36!! Gettin' better am I?
RP

JustGreg
Posts: 782
Joined: Tue 24 May 2005, 10:55
Location: Connecticut USA

#98 Post by JustGreg »

If we are talking about old number systems and Pizza Good age (22 decimal) then in octal, he is 26 or hex 16. Talking about AN/UYQ-20, brings back memories of DEC PDP-8 and punched tape loaders. I do not want to go back to the old days. In my case, my age is 111011 binary, 73 octal, or 3B hex.

Yes, being root under Linux or UNIX does require some care, but, being Administrator under Windows requires the same care. It is easy to do damage. It is like "sailor proofing equipment". One has to be careful. Stupidity is a natural resource that the human race will never exhaust. I have my own personal supply, which unfortunately I seem to use ever so often.
Enjoy life, Just Greg
Live Well, Laugh Often, Love Much

User avatar
RetroTechGuy
Posts: 2947
Joined: Tue 15 Dec 2009, 17:20
Location: USA

#99 Post by RetroTechGuy »

racepres wrote:
RetroTechGuy wrote: 42 might be the correct answer, but Pizza indicated 22... ;)

I wondered if he had dropped a prefix "1", or a trailing "0". BTW, I'm sitting at 110010 myself. Though I'd much prefer to be in hex, instead... :lol:
Got me... I got in a hurry! Told ya it'd been a long time!
If pizzasgood is 22 then you are 50 and I am ...110110. And in Hex...=36!! Gettin' better am I?
RP
I don't know about you, but I rather like the looks of that hex number better... ;)

Post Reply