Re: Linux and security
From: /dev/rob0 (rob0_at_gmx.co.uk)
Date: 07/28/03
- Previous message: erik: "Re: Linux and security"
- In reply to: Nico Kadel-Garcia: "Re: Linux and security"
- Next in thread: Johannes Halmann: "Re: Linux and security"
- Reply: Johannes Halmann: "Re: Linux and security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 28 Jul 2003 08:24:04 -0700
Good thread going here. :) When Johannes posted his message with which
many posters have taken issue, I had the first impulse to argue as well.
But there were some valid points in there!
The fact is, Linux users COULD be hit by painful viruses and trojans.
Sure, the system itself is safe unless [ $USER = root ] , but who here
can say that the loss of $HOME wouldn't be a grievous injury? I would
much rather have to reinstall my OS than to have lost my personal data.
There are, however, some saving graces which are protecting the growing
crowd of clue-deprived Linux users, and Nico touches on them, which is
why I'm posting at this point in the thread.
In article <wM8Va.10301$AO6.10271@nwrdny02.gnilink.net>,
Nico Kadel-Garcia wrote:
> Johannes Halmann wrote:
>> situation is RIGHT now. the actual windows-systems have user-management and
>> with ACLs even much finer in granularity then for example linux!
>
> I assume you're referring to the NTFS file system and its subtleties of
> user and group ownership. Unfortunately, it's neither well documented,
> well understood, nor even well used by a lot of vendor software. The
> result is that many users give their personal accounts administrative
> privileges, which deletes almost the entire point.
Excellent point! I've been out of Windows a long time. NT4 was my last,
and it died on me in late 1999, whereupon I switched to my Linux server
as a workstation.
My NT user account was an Administrator. Fact is, you can't get much
done unless you defeat the purpose of Windows ACL's! Single user OS, you
had to logout, login as Administrator, install or remove something,
logout, login again, blah blah.
> Oy. In many cases, sure. But other common vulnerabilities, such as the
> default exporting of the "C:" drive as a share, the overly friendly
> auto-opening of email attachments by various default Windows clients,
Another good point. Microsoft, in their quest to kill GNU/Linux, has
withheld their Office suite from us. "Oh please Brer Bill, don't throw
us in that briar patch!" So we don't have all the macro viruses. (Hey,
they could make their MS Office for Linux port setuid! THAT could hurt
us. :)
I'm not aware of any free MUA for Unix which is as bad as MSOE. kmail
won't even render HTML without explicit permission! MSOE is perhaps the
biggest user-based (i.e., not worms) vulnerability of Windows.
I do agree with Johannes in that as more Windows people come into our
world, they will bring their Windows ways, and some of their Windows
problems will inevitably follow. Also, as our world grows, we'll become
a more fun target for mischief-makers. But I hope that we (particularly
those of us who do the coding) have learned from MS's bad example of
software design. That, combined with the underlying design of Unix,
should prevent our virus problem from ever reaching the levels it has
for Windows ... even among our clue-challenged newbies.
-- /dev/rob0 - preferred_email=i$((28*28+28))@softhome.net or put "not-spam" or "/dev/rob0" in Subject header to reply
- Previous message: erik: "Re: Linux and security"
- In reply to: Nico Kadel-Garcia: "Re: Linux and security"
- Next in thread: Johannes Halmann: "Re: Linux and security"
- Reply: Johannes Halmann: "Re: Linux and security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
