Re: Windows Managers/Linspire-Lindows

From: Rod Smith (rodsmith_at_nessus.rodsbooks.com)
Date: 07/27/04 

Date: Tue, 27 Jul 2004 21:44:14 -0000

In article <H5iNc.194658$XM6.61517@attbi_s53>,
        technomaNge <abuse@microsoft.com> writes:
>
> Rod Smith wrote:
>
> > Interesting. I installed the 4.5
>> developer's edition. What's yours?
>
> Version 4.5, but I don't think it was the developer version as I don't
> do development. I'm just a user.

Neither am I; I just ran across a promotion for this version which worked
out to be free, so I decided I might as well check it out.

>> In any event, if this capability is in current versions of
>> Lindows/Linspire, I'll moderate my criticism of it. Still, the fact that
>> the default is to do everything as root is, IMHO, unforgivable -- just not
>> quite AS unforgivable as delivering a Linux system with no option to
>> create user accounts.
>
> You didn't understand. This version was designed to be as much like
> Windows as possible and so root is in control unless you create a user.
> Just like XP. This means a Windows_idiot can install it and use it
> without having to learn all that hard linux stuff.

I *DO* understand; I just think that making Linux work like Windows in
this respect is an unforgivable mistake. Linux was designed from the
ground up as a multi-user OS, and many of Linux's security features rely
on user accounts. Trying to make Linux act like a single-user OS by
giving a single root login by default may make it seem more friendly at
first, but it opens up a whole world of potential security problems. This
is bad enough on a few isolated systems, but if by some chance
Lindows/Linspire (or any other distribution built in the same way) became
popular, it'd be a disaster, because it would make it far easier for
virus writers, crackers, etc., to take over systems.

> Users with a clue will learn enough to know they must create a user with
> less priviledges and use that for everything except admin.
>
> Users without a clue will think they are using Windows, and will be as
> vulnerable as root always is.

I sincerely hope that users with enough of a clue to know they'd need to
take the non-obvious steps needed to create user accounts will not, by
and large, want to use something with such a huge security problem in its
design. This design flaw drives my level of trust in the design down to
0.

As to others, you're quite right; the system is vulnerable. Hence, when
discussing it, I can't recommend that those with less experience use it;
at least with Fedora, SuSE, Xandros, etc., users are prompted to create
user accounts at the start. It's a bit more of a shift for them, but not
much, and it's a lot safer.

>> Are you saying the programs themselves can only be run by root???? If so,
>> that's hideous.
>
> No, I'm saying that if you jump the gun and install something as root
> instead of user then only root can run that something. Ask me how I
> know (BIG grin).

In other words, the programs themselves can only be run by root, at least
if they're installed by root. I repeat: That's hideous.

> Since I've forgotten your earlier posts, what Linux are you using?

A variety. Currently I've got Gentoo as my primary desktop, with a SuSE
server. I've also got systems with Debian, Mandrake, Fedora, Slackware,
and Xandros installed. (I write about Linux for a living, so having a
wide variety available is very helpful to me.)

> How do you like knews? I always had trouble getting it to look and
> feel like I wanted. Now I just use Mozilla for mail/news.

I like knews because it does the best job of handling threads I've seen,
and because it doesn't clutter its window too much (the article list
replaces the newsgroup list, which minimizes clutter). Others all strike
me as being awkward in these respects, although they've got more and
better features in some other ways. 

-- 
Rod Smith, rodsmith@rodsbooks.com
http://www.rodsbooks.com
Author of books on Linux, FreeBSD, and networking

Relevant Pages

  • Re: Any known reason why su would not work?
    ... > Enter the root password, ... > to see a Linux command stopping to work because ... Here is why you need a FORMAT and clean install when your box IS cracked. ... The cracker may not have installed a rootkit. ...
    (comp.os.linux.security)
  • Re: root kits on linux
    ... they have to be root. ... any bad stuff you may install will only effect you UNLESS it can find ... Ubuntu, or what-ever) isn't the only Linux distribution, any more than 10.1 ... Uncrackable computers are already available. ...
    (alt.os.linux.suse)
  • Re: Windows Managers/Linspire-Lindows
    ... > Windows as possible and so root is in control unless you create a user. ... This means a Windows_idiot can install it and use it ... > without having to learn all that hard linux stuff. ... This design flaw drives my level of trust in the design down to ...
    (comp.os.linux)
  • Re: Windows Managers/Linspire-Lindows
    ... > Windows as possible and so root is in control unless you create a user. ... This means a Windows_idiot can install it and use it ... > without having to learn all that hard linux stuff. ... This design flaw drives my level of trust in the design down to ...
    (alt.os.linux)
  • Re: Windows Managers/Linspire-Lindows
    ... > Windows as possible and so root is in control unless you create a user. ... This means a Windows_idiot can install it and use it ... > without having to learn all that hard linux stuff. ... This design flaw drives my level of trust in the design down to ...
    (alt.os.linux.redhat)