Re: Security comparison between Microsoft and Linux
From: sponge (yosponge_at_yahoo.com)
Date: 12/21/03
- Previous message: Joe: "Perflib_Perfdata"
- In reply to: James H. Fox: "Re: Security comparison between Microsoft and Linux"
- Next in thread: James H. Fox: "Re: Security comparison between Microsoft and Linux"
- Reply: James H. Fox: "Re: Security comparison between Microsoft and Linux"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 21 Dec 2003 14:53:57 -0800
On Sun, 21 Dec 2003 12:49:04 -0500, "James H. Fox"
<foxjh_NOMAILSPAM_AT_rcn.com> wrote:
>sponge wrote:
>>> Of course, as long as you disable all but absolutely necessary
>> services in Linux or Unix, you will (all else being equal) be a bit
>> more secure in Linux or Unix. The key thing here is to disable
>> unnecessary services, like sendmail or SWAT.
>>
>> That's the key, vital, ever-so-important point: All else being
equal,
>> any major OS can be as safe as long as the user and administrator
>> harden it enough by removing unnecessary features, and as long as
the
>> user uses some basic tools and some good sense ("safe hex"). A
golden
>> rule in the security business is that "feature = potential
exploit".
>> This is especially true where MS products are concerned, as, again,
MS
>> doesn't pay a whit of attention to security risks of each new
>> "feature".
>>
>My limited knowledge of Linux suggests that you can install most
programs
>with only "user" rights (if that is the right terminology). That is,
you
>don't need root access for most purposes. This is nice for
protecting the
>root files and those of other users, but it is not good news for
preventing
>trojans and worms from installing, whenever the hackers get around to
>producing them. On the other hand, Win2K or WinXP in a "user"
account seems
>to be quite secure; I don't think anything can install without your
knowing
>about it. Maybe Linux can be made just as secure, but I have not
found the
>way.
Unix/Linux and Windows are very similar in this regard. Yes, you can
(and should) run as a user rather than as root in any *nix-type
system, and can modify the application permissions so that users
(people from groups other than an applications "owner" or "root) can
have read, write, or execute permissions. This is key to proper
security. You can do something vaguely similar on Win2k and XP -- run
as a user, not as "admin", although you do not have the degree of
control you do on *nix. This is one reason why *nix is theoretically
more secure. In practice, though, there are so many files and items on
a Unix or Linux system (and scattered rather haphazardly about the
system no less), I've found that few administrators set proper
permissions all or even most of them.
Sponge
Sponge's Secure Solutions
www.geocities.com/yosponge
My new email: yosponge2 att yahoo dott com
- Previous message: Joe: "Perflib_Perfdata"
- In reply to: James H. Fox: "Re: Security comparison between Microsoft and Linux"
- Next in thread: James H. Fox: "Re: Security comparison between Microsoft and Linux"
- Reply: James H. Fox: "Re: Security comparison between Microsoft and Linux"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
