Linux-Advocacy Digest #874, Volume #25 Wed, 29 Mar 00 15:13:07 EST
Contents:
Re: Why Linux on the desktop? (JEDIDIAH)
Re: Why did we even need NT in the first place? ("Chad Myers")
Re: BEOS 5 the new star in OS's (Mark S. Bilk)
Re: Why Linux on the desktop? (George Richard Russell)
Re: Why Linux on the desktop? (George Richard Russell)
Re: Why Linux on the desktop? (JEDIDIAH)
Re: BEOS 5 the new star in OS's (abraxas)
Re: Windows 2000: nothing worse ("John W. Stevens")
Re: Debian Potato release? (Alex LaHurreau)
Re: Windows 2000: nothing worse ("John W. Stevens")
Re: BEOS 5 the new star in OS's (JEDIDIAH)
Re: Windows 2000: nothing worse ("John W. Stevens")
Re: Windows 2000: nothing worse ("John W. Stevens")
Re: Windows 2000: nothing worse (Craig Kelley)
Re: Windows 2000: nothing worse ("John W. Stevens")
----------------------------------------------------------------------------
From: [EMAIL PROTECTED] (JEDIDIAH)
Subject: Re: Why Linux on the desktop?
Date: Wed, 29 Mar 2000 17:08:53 GMT
On Wed, 29 Mar 2000 10:43:50 GMT, George Richard Russell
<[EMAIL PROTECTED]> wrote:
>On Tue, 28 Mar 2000 21:44:22 GMT, JEDIDIAH <[EMAIL PROTECTED]> wrote:
>>On Tue, 28 Mar 2000 13:44:32 -0700, John W. Stevens <[EMAIL PROTECTED]> wrote:
>>>George Richard Russell wrote:
>>>>
>>>> What free spreadsheet has equivalent functionality to Lotus 123 from SmartSuite
>>>> 96, the last 16 bit windows 3.1 version?
>>
>>StarOffice 5.1 does better Excel import than Smartsuite 97, actually.
>
>In a Linux ng, being misunderstood about 'Free' as in Open sourced,
>not SCSL.
>
>There is more to functionality than import filters.
If you can't even get the file into the program, then it's
kind of hard to do anything else with it.
If however you are not interested in dealing with alien
file formats, then your options are a bit more open.
Still, if you are obsessed with being a good Microsoft clone
then being unable to import a very basic excel spreadsheet is
likely not a good sign.
"equivalent functionality" is still a big fat red herring
and one that is used to weasel out of providing details.
--
It is not the advocates of free love and software
that theare the communists, but rather those that |||
advocate or perpetuate the necessity of only using / | \
one option among many, like in some regime where
product choice is a thing only seen in museums.
Need sane PPP docs? Try penguin.lvcm.com.
------------------------------
From: "Chad Myers" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: Why did we even need NT in the first place?
Date: Wed, 29 Mar 2000 11:22:49 -0600
First, I'd like to apologize for the multiple quotes and confusion in this
post. For some reason, my news server received neither
[EMAIL PROTECTED]'s
message, nor Andrew's message.
So I'm posting THROUGH Christopher's message, please bear with me, thanks.
> > [EMAIL PROTECTED] wrote:
> > >
> > > Chad,
> > > I just for fun and because I had a demo cd of W2K installed it and tested
> > > W2K and let me tell you it is still crap. I can not remotely log in and
> > > administer a W2K box..this means if I was masochistic enough to install it
> > > on my network of 23 Servers + 6 workstations. I would have to take the
> > > systems out of useage to admin the systems.
mvergall:
Was this Win2K Pro or Server? Both Pro and Server have extensive remote
management
capabilities through WMI.
If you need to "console in", you can use the Terminal Services in Win2K
Server in
remote administration mode (I believe it comes with 2 free licenses for
Remote admin
purposes only).
Both Win2K Pro and Server have telnet services as well.
But, there would be very few reasons you would ever need to console into a
Win2K box,
as you could use WMI to do everything remotely, but for some reason, you guys
can't seem
to get it through your head that simply because you can't telnet in and get a
*nix shell,
doesn't mean it can't be managed remotely.
Also, JOOC, what's the point of having 23 servers + 6 workstations? Am I to
assume that for
Linux you need to have 23 servers for every 6 clients? Wow... how's that for
TCO!
I can show you a screenshot of my MMC console with all my servers grouped
neatly together
will all the administrative functions available to me.
> "Andrew" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > Perhaps you didn't look at the software hard enough. If you installed
Terminal
> > Services you can remotely administer the machine with the full GUI. Yes, I
know
> [snip]
Unfortuantely, Andrew, he's so clueless that logic escapes him. If it doesn't
have a
$ prompt, he doesn't know what to do.
"Christopher Smith" <[EMAIL PROTECTED]> wrote in message
news:8btca0$j7l$[EMAIL PROTECTED]...
> Unfortunately you're using the wrong definition of "remote administration".
>
> "Remote Administration" is a pseudonym for "can telnet in".
Yeah, for some reason, those guys can't seem to get over that...
-Chad
------------------------------
From: [EMAIL PROTECTED] (Mark S. Bilk)
Subject: Re: BEOS 5 the new star in OS's
Date: 29 Mar 2000 17:44:44 GMT
One thing for sure: if BeOS ever gets popular enough to
take significant market share away from Microsoft, then
a bunch of pro-Microsoft Usenet spammers using fake names
will mysteriously appear and start posting hundreds of
lying propaganda articles against BeOS every day, just as
they do now against Linux. (For example, the poster of
this article, who sounds exactly like Steve/Mike/Heather/
teknite/sarek/S/sponge/etc.)
In article <[EMAIL PROTECTED]>,
piddy <[EMAIL PROTECTED]> wrote:
>
>BEOS 5 is ready for downloading, but the site is too busy.
>
>Fortunately you can download BEOS at other places. Check the Beos
>newsgroup.
>Here's a fast site:
>http://download.cnet.com/downloads/0-10108-100-1594977.html?tag=st.dl.10000_
>103_1.lst.td
>
>Btw, it's well worth taking a look at. It's fast, looks great, is as
>easy as the Mac. Just click around and you can figure things out.
>Don't count on it working with Win-modems and the off brand sound
>cards though.
>
>It defaulted to 640x480 on my computer, but in less than 5 minutes I
>found a way to adjust it to 800x600 and changed the refresh rate from
>56 to 72 to cut down on flicker. Try that with Linux! My wheel mouse
>worked and scrolled most windows. I'm seriously thinking of getting a
>different modem and sound card and using this for web browsing, file
>downloading, and fun stuff.
>
>If it had apps, I'd say it had an excellent chance to make it big.
>
>piddy -- Linux now sucks more!
>
------------------------------
From: [EMAIL PROTECTED] (George Richard Russell)
Subject: Re: Why Linux on the desktop?
Reply-To: [EMAIL PROTECTED]
Date: Wed, 29 Mar 2000 17:55:30 GMT
On Tue, 28 Mar 2000 15:28:00, John W. Stevens <[EMAIL PROTECTED]> wrote:
>George Richard Russell wrote:
>>
>> And yet is more powerful and fully featured.
>
>Is it? How powerful is a crashed program, after all?
So you recommend the use of alpha software ala Gnumeric then?
>What good is power you don't use?
Needs grow.
>> Hmmm...
>> Hint - you'll need more functionaility in Gnumeric before you can dumb it down.
>
>Hey, if you need functionality that Gnumeric doesn't have . . . get
>something else. Xess, SO, Applixware, Wingz, what have you. . .
Are they free as in the GNU sense? Thought not...
>> >Who said WYSISYG ??, that is a MS retrograte offering,.... keep it.
>>
>> for those who need it, its essential.
>
>In other words, since nobody needs it, it is a huge waste of processor
>time, disk space and RAM.
since you don't need it, anyone who does is obviously wrong. Lovely rhetoric.
>The days of being required to tweak every tiny bit of your documents are
>long past. The modern user knows that presentation is the job of the
>system, not the user.
Indeed, so I refuse to learn another bizarre typesetting language, and just
do the content.
>> >Lyx is WYSISYW, way better imho, have you ever actually used Lyx George ?
>>
>> Yes, and KLyX too, it doesn't offer too much layout control without the
>> insertion of La(TeX) codes into the document,
>
>Because if you *DO* attempt to control the layout, you're doing
>something stupid. Layout is, after all, typesetting.
The options offered in LyX are limited.
>Chose the appropriate document style, then forget about it. That's the
>*RIGHT* way to do it, as that means that your documents are typeset in a
>professional manner.
Then supply some more styles, huh?
>> and
>> some more templates for more DTP stuff (an abuse of LyX's core idea, but would
>> be useful)
>
>And a really, really dumb idea. Never, Never, Never violate the core
>design concept of a system. Doing so is the most damaging root cause of
>defects.
By templates, I mean styled documents - like you wanted above.
>> Really? I don't see
>> a) Hundreds of Thousands of preinstalled Linux systems
>
>Where did you look? Have you queried VA Linux, or one of the big
>companies that sell PC's?
Hint - only recently have they started selling linux servers....
>> b) Massive third party software range
>
>There is indeed third party software, both free and commercial, for
>Linux. The fact is that there is more for Windows, of course.
More for MacOS as well and probably Solaris.
>> c) All the hand holding books that Windows has
>
>Windows needs 'em. Linux has hand holding books ("Linux For Dummies"),
>but in general you'll not find as many because in most cases, hand
>holding documentation for Linux is already freely available.
And frankly, disorganised and inferior.
Which docs can tell me how to add users across all Linux systems?
adduser or useradd or a GUI frontend....
>> d) The ability to do everything by point and click
>
>This cannot be done under Windows. Nor can it be done under Linux.
>Your point?
You can do more in Windows with the mouse.
>With the ability to connect your PC to a high speed, "always on" network
>connection like DSL or a cable modem, the ability to access your files
>from anywhere in the networked world will very quickly become a "desktop
>capability".
If and when Europe gets this cheaply, we'll be running NT anyway.
>Linux already has this. Windows NT and Windows 2000 do, as well . . .
>which proves my point. The capabilities that Linux already has are
>being added to the "next generation home OS" that MS is just now
>starting to push . . . NT (Win2K).
Business OS, if you read the press releases
>> >Should a good Desktop, be able to run remote GUI or cli apps on another
>> >box, easily ?
>>
>> Remote GUI - why ?
Its not needed when most people only have one computer - and its only
networking is via modem.
>Which is like asking: Web access? Why?
Information retrieval. Obviously. Remote GUI apps are just slower than local
ones.
>> CLI apps - there is a telnet client. It sucks, but its there.
>>
>> Not really typical desktop needs.
>
>As above: You need to understand that "typical desktop needs" simply
>reflects what capabilities that the general public was given by the
>dominant supplier. As "unusual" capabilities become more and more
>prevalent (with the rise of desktop Unix), you will see more and more
>"desktop users" using these technologies.
As the population using PC's grows, desktop user will increasingly become
even more equal to Windows user, or in trendy cases, iMac user.
>Remember, just a few short years ago, networking was not a "desktop user
>need". Now, it is.
Its still not exactly delivered to each and every home, fast and cheap.
>> >Should a good Desktop, offer many Window managers, instead of just the one?
>> >We are not all alike, hence different cars, colors, etc.
>>
>> We all have to start from somewhere, hence the initial consistency,
>
>Which totally side steps the question. Initial consistency is available
>on any system. But, after you stop being a total newbie, how do you
>gain the power of choice on a Windows system?
Using freely available 3rd party software.... Just like Linux, except its not
bundled on the CD.
[snip crap about how Linux == good server, as irrelevant to desktop use]
George Russell
--
One ring to bring them all, and in the darkness bind them.
Lord of the Rings, J.R.R.Tolkien
Hey you, what do you see? Something beautiful, something free?
The Beautiful People, Marilyn Manson
------------------------------
From: [EMAIL PROTECTED] (George Richard Russell)
Subject: Re: Why Linux on the desktop?
Reply-To: [EMAIL PROTECTED]
Date: Wed, 29 Mar 2000 17:55:35 GMT
On Tue, 28 Mar 2000 23:07:04 GMT, JEDIDIAH <[EMAIL PROTECTED]> wrote:
>On Tue, 28 Mar 2000 22:13:41 GMT, George Richard Russell
><[EMAIL PROTECTED]> wrote:
>>On 25 Mar 2000 12:07:53 +0800, Terry Porter <[EMAIL PROTECTED]> wrote:
>>Any competent Windows image software allows for batch manipulation and
>>conversion of images - without the need to learn to program.
>
> Then a singular example should not be such a problem.
Paint Shop Pro is the usual example. Try it and see.
--
One ring to bring them all, and in the darkness bind them.
Lord of the Rings, J.R.R.Tolkien
Hey you, what do you see? Something beautiful, something free?
The Beautiful People, Marilyn Manson
------------------------------
From: [EMAIL PROTECTED] (JEDIDIAH)
Subject: Re: Why Linux on the desktop?
Date: Wed, 29 Mar 2000 18:09:48 GMT
On Wed, 29 Mar 2000 17:55:35 GMT, George Richard Russell
<[EMAIL PROTECTED]> wrote:
>On Tue, 28 Mar 2000 23:07:04 GMT, JEDIDIAH <[EMAIL PROTECTED]> wrote:
>>On Tue, 28 Mar 2000 22:13:41 GMT, George Richard Russell
><[EMAIL PROTECTED]> wrote:
>>>On 25 Mar 2000 12:07:53 +0800, Terry Porter <[EMAIL PROTECTED]> wrote:
>>>Any competent Windows image software allows for batch manipulation and
>>>conversion of images - without the need to learn to program.
>>
>> Then a singular example should not be such a problem.
>
>Paint Shop Pro is the usual example. Try it and see.
That's not an example.
"ls *jpg | sed 's/.jpg//g' | xargs -ifred convert fred.jpg fred.png"
or
"make-folder-icons.sh"
Is an example.
--
It is not the advocates of free love and software
that are the communists here , but rather those that |||
advocate or perpetuate the necessity of only using / | \
one option among many, like in some regime where
product choice is a thing only seen in museums.
Need sane PPP docs? Try penguin.lvcm.com.
------------------------------
From: [EMAIL PROTECTED] (abraxas)
Subject: Re: BEOS 5 the new star in OS's
Date: 29 Mar 2000 18:57:42 GMT
Tim Kelley <[EMAIL PROTECTED]> wrote:
> Be may be easier to get started in than linux, but it's
> application availability problem is (by far) worse. Especially
> the types of programs that should be running on it (audio, video,
> etc.).
Apparantly youve never actually used BeOS, or if you have, you werent paying
attention. Exactly what sort of audio/video functionality is missing?
Or is it that you simply want ports of your FAVORITE software for such
applications? Cakewalk? Lightwave? What is it?
=====yttrx
------------------------------
From: "John W. Stevens" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: Windows 2000: nothing worse
Date: Wed, 29 Mar 2000 12:05:01 -0700
Chad Myers wrote:
>
> But with NT (SP3 and later), if your physical security was somehow
> compromised, it would be rather difficult and time consuming to get
> access to the machine.
How so? I've seen experts crack an NT 4.0 system with service packs
installed in less than
five minutes.
> With Win2K, if the files are EFS, it's near
> impossible to ever get the files out.
>
> It's frightening to know that someone could just walk up with a boot disk
> in *nix and set the root and have their way with the system...
Why? Physical security is a must, it's the foundation for all other
types of security.
If you really need to have security, then putting the machine out where
anybody can have at it is the wrong way to go.
And if you have physical security, then why does it scare you that the
system could be rebooted and fixed?
> I suppose you could PGP the important stuff, though...
Secure data, is not the same as a secure machine. And if you have an
insecure machine, you have an insecure data store. Not even PGP will
protect you if your machine is not physically secure.
However, if that's what you are looking for is encryption: Linux has
several encrypted file systems.
--
If I spoke for HP --- there probably wouldn't BE an HP!
John Stevens
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (Alex LaHurreau)
Subject: Re: Debian Potato release?
Reply-To: [EMAIL PROTECTED]
Date: Wed, 29 Mar 2000 19:06:54 GMT
And lo, on the glorious day of 22 Mar 2000 03:28:58 GMT,
Andres Soolo <[EMAIL PROTECTED]> spake saying:
>Tim Kelley <[EMAIL PROTECTED]> wrote:
[snip]
><topic newsgroup="cola">
>This shows well that in the Linux development model, the quality
>is more important than the release date, which can and will be
>pushed where it won't interfere with buglessness.
></topic>
Of course I don't suppose that dpkg's release-critical bugs
will get fixed by the next release. :-)
--
AlexDW <[EMAIL PROTECTED]> -- KB9SYM -- DOCTOR WHO FOREVER
NEWARK has been REZONED!! DES MOINES has been REZONED!!
Visit The NEW Home of AlexDW at http://www.locl.net/homes/alexdw/
------------------------------
From: "John W. Stevens" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: Windows 2000: nothing worse
Date: Wed, 29 Mar 2000 12:21:36 -0700
Erik Funkenbusch wrote:
>
> > With the Unix "admin" account, you *CANNOT* "take ownership" of other
> > peoples files. In fact, you cannot delete/modify other peoples files
> > unless they give you permission first.
>
> An admin should be able to to do whatever he wants in a system. He
> shouldn't be at the mercy of his users.
Fine. Then create the minimum neccesary suid root or sudo capabilities
to take that amount of control you think an administrator should have.
> The argument isn't about security, it's about safety.
No, it's not. The thread mutated to include the subject of malicious
administrators (a security concern).
But if the thread is about safety, then the point is moot. Safety comes
from discipline and a careful, thoughtful approach to wielding the power
of being an administrator.
Trust me, people can still manage to do dumb things even when you put a
few hurdles in their way.
I've seen it done: drag an entire directory to the trash can. Empty
trash. Respond yes, really empty the trash.
OOPS! I didn't want to delete all of those files!
The user screwed up, even with all of your vaunted safety, 'cause if the
power is there, you can indeed screw up. The trick is to double check,
and to think first. Which is why long time Unix users think that
"confirmation dialogs" are a waste of time: "If I hadn't wanted to do
that, I wouldn't have done that!"
Unix users are not less safe, contrary to your stance. In fact, they
are more safe, as they develop good working habits.
> For instance, suppose
> you run a program as root that has a bug in it, and it randomly writes to
> disk sectors or it accidentally trashes a file it shouldn't be touching.
Or suppose your run that program as an Administrator? If it's that
poorly written, and the Administrator has the ability to take control
over any file, then there is nothing to stop the program from taking
control over files it's not supposed to, then trashing them.
> Under Unix, a program run under root can do just about anything it likes.
The program has to be run with root permissions.
But if run with root permissions, then that program is pretty powerful.
That's the point of root.
> Now, you can argue that you shouldn't run untrusted or non-thoroughly
> debugged applications under root, but that's just a band-aid. The OS should
> allow you to do such things unless you specifically tell it you want to do
> them.
Note: by running that program, you *DID* tell it to do those things.
And no, requiring that the programs you run with root permissions be
thoroughly debugged is *NOT* "just a band aid".
What happens if you run a program as an NT administrator that
automatically takes ownership of a bunch of files then deletes 'em?
Once again, your point is moot, 'cause it really isn't a point: poorly
written programs are a reality regardless of the system. The only
solution is properly developed, fully peer reviewed programs.
> Note that i'm not advocating removing absolute power. I'm advocating
> removing absolute power without safeguards.
Root has the best, most efficient, least intrusive possible safeguard .
. . a trained, thoughful, careful user.
If your point were valid, I'd be in real trouble, having done all kinds
of damage to my system just this month alone . . . but that's not the
case. I do a lot of systems administration, and I don't need the kind
of productivity killers you say I do, 'cause I've already got *BETTER*
safety than what you have.
As they say in Libertarian circles: It's not the gun that's dangerous,
it's the idiot holding it that's dangerous!
If your point is that root should be made safer so that the untrained
user can administer his/her system, then I'd say we have a different
discussion, yes?
--
If I spoke for HP --- there probably wouldn't BE an HP!
John Stevens
[EMAIL PROTECTED]
------------------------------
From: [EMAIL PROTECTED] (JEDIDIAH)
Subject: Re: BEOS 5 the new star in OS's
Date: Wed, 29 Mar 2000 19:25:11 GMT
On 29 Mar 2000 18:57:42 GMT, abraxas <[EMAIL PROTECTED]> wrote:
>Tim Kelley <[EMAIL PROTECTED]> wrote:
>
>> Be may be easier to get started in than linux, but it's
>> application availability problem is (by far) worse. Especially
>> the types of programs that should be running on it (audio, video,
>> etc.).
>
>Apparantly youve never actually used BeOS, or if you have, you werent paying
>attention. Exactly what sort of audio/video functionality is missing?
His comments are quite consistent with what you will see when
BeOS users discuss this problem amongs themselves.
>
>Or is it that you simply want ports of your FAVORITE software for such
>applications? Cakewalk? Lightwave? What is it?
--
It is not the advocates of free love and software
that are the communists here , but rather those that |||
advocate or perpetuate the necessity of only using / | \
one option among many, like in some regime where
product choice is a thing only seen in museums.
Need sane PPP docs? Try penguin.lvcm.com.
------------------------------
From: "John W. Stevens" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: Windows 2000: nothing worse
Date: Wed, 29 Mar 2000 12:24:24 -0700
Erik Funkenbusch wrote:
>
> Unless you su root, type rm * -rf and then realize you were in /home rather
> than /home/userx
Your point applies equally well to NT:
1) You take control over a bunch of files.
2) You delete 'em permanently.
Then you realize that that wasn't the group of files you were trying to
delete.
Sooner or later, it boils down to thinking, then doing the right thing.
--
If I spoke for HP --- there probably wouldn't BE an HP!
John Stevens
[EMAIL PROTECTED]
------------------------------
From: "John W. Stevens" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: Windows 2000: nothing worse
Date: Wed, 29 Mar 2000 12:27:11 -0700
Donovan Rebbechi wrote:
>
> On Tue, 28 Mar 2000 12:56:37 -0600, Erik Funkenbusch wrote:
> >John W. Stevens <[EMAIL PROTECTED]> wrote in message
>
> >> With the Unix "admin" account, you *CANNOT* "take ownership" of other
> >> peoples files. In fact, you cannot delete/modify other peoples files
> >> unless they give you permission first.
> >
> >An admin should be able to to do whatever he wants in a system. He
> >shouldn't be at the mercy of his users.
>
> You can use the root account when you want to do what the admin
> account won't allow with "su -c".
Or even more securely: setup the appropriate and neccessary SUDO
abilities for admin.
To solve Erik's problem: don't give admin permission to run rm as root.
Only allow admin to run chmod as root.
> You have the same kind of issues on NT -- certain applications will need
> to run with elevated priveliges. DOn't any processes need to run as "system" ?
> How does your mail server deliver to a user's mailbox ?
Actually, there's a trick that allows a hacked sendmail to run as less
than root. You loose some capabilities, of course.
--
If I spoke for HP --- there probably wouldn't BE an HP!
John Stevens
[EMAIL PROTECTED]
------------------------------
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: Windows 2000: nothing worse
From: Craig Kelley <[EMAIL PROTECTED]>
Date: 29 Mar 2000 12:37:27 -0700
"Chad Myers" <[EMAIL PROTECTED]> writes:
> "Craig Kelley" <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > > Exactly what can SYSTEM do that Administrator cannot? Please inform
> > > us.
> >
> > Come now, I'm not going to educate an NT advocate about NT.
> >
> > And, all you really need to do is add the Backup group to the
> > Administrator....
>
> No, really, Craig, I want to hear it. Exactly what would that do?
> Please inform all of us. Let us know how much you know about NT.
It would allow you (on a default NT installation) to read every file
on the system, regardless the ACL settings.
> > > Besides, there's nothing preventing anyone from making WWW run as another
> > > user.
> >
> > True, and indeed IIS4 does run as the inetpub user. They learned
> > their lesson.
>
> <sigh> Do you have ANY fscking clue?
>
> 1.) The World Wide Web Publishing service runs as the SYSTEM account,
> not as the "inetpub" user. There is no "inetpub" user, that's the root
> directory where the html and asp documents are stored.
Crucify me. I meant IUSR.
[snip]
> 4.) What lesson did they learn, please inform us?
That running a service as a system user *all the time* is a bad thing.
> > > What happens if you lose the root password?
> >
> > Boot up with a floppy, change the password.
>
> Wow, that is secure.
Wow, that's what you do with NT as well.
--
The wheel is turning but the hamster is dead.
Craig Kelley -- [EMAIL PROTECTED]
http://www.isu.edu/~kellcrai finger [EMAIL PROTECTED] for PGP block
------------------------------
From: "John W. Stevens" <[EMAIL PROTECTED]>
Crossposted-To: comp.os.ms-windows.nt.advocacy
Subject: Re: Windows 2000: nothing worse
Date: Wed, 29 Mar 2000 12:32:06 -0700
Erik Funkenbusch wrote:
>
> Donovan Rebbechi <[EMAIL PROTECTED]> wrote in message
> news:[EMAIL PROTECTED]...
> > >An admin should be able to to do whatever he wants in a system. He
> > >shouldn't be at the mercy of his users.
> >
> > You can use the root account when you want to do what the admin
> > account won't allow with "su -c".
>
> Completely obliterating the effects of having a non-root account in the
> first place.
Then use sudo, instead.
As I said, Unix is *SAFER* than NT, if you wish to set it up that way.
> > You don't run a program that's this badly written as root. Just like you
> > don't run trash-the-system.exe with the admin account. Seriously, there
> > are very few programs that need to be run as root, and unless you are
> > running well tested code, you should not be running it as root.
>
> As i said. Saying "don't do that" is a bandaid. Not a solution.
Yes, you did say that. But you are wrong.
How does NT protect me from accidentally taking control over the wrong
bunch of files, then permanently deleting them?
Answer: "Don't do that".
If you have a valid point, and I'm not sure that you really do, then NT
doesn't fit your requirements, either.
> Yes, they typically do run as system. Though that's really just laziness.
> They really should run with special rights to allow them to impersonate
> other users for file access.
This can be done on Unix systems, as well. In fact, one sendmail
replacement (qmail), does not have to run as root.
--
If I spoke for HP --- there probably wouldn't BE an HP!
John Stevens
[EMAIL PROTECTED]
------------------------------
** FOR YOUR REFERENCE **
The service address, to which questions about the list itself and requests
to be added to or deleted from it should be directed, is:
Internet: [EMAIL PROTECTED]
You can send mail to the entire list (and comp.os.linux.advocacy) via:
Internet: [EMAIL PROTECTED]
Linux may be obtained via one of these FTP sites:
ftp.funet.fi pub/Linux
tsx-11.mit.edu pub/linux
sunsite.unc.edu pub/Linux
End of Linux-Advocacy Digest
******************************
