On Thu, 12 Jul 2001 08:15, Judith Miner wrote:
> Thank you for your very gracious message, Sridhar. Misunderstandings and
> misjudgments are a common problem in e-mail lists and forums, especially
> when we aren't very well acquainted.
>
> I think I was expecting too much too soon with my Linux installation. I
> wanted to get it up and fully useful within two weeks, which I stretched
> to three. I now realize it will take much longer to set up my desktop
> and become familiar with the system and the applications. I have other
> work to do, so I'll continue working with Linux as I can find time for
> it--and I really enjoy it, so finding time will be a high priority.
I'm glad we have managed to resolve things on the list. Many people buy a
little too much into the GNU/Linux hype, and become disappointed when it
isn't the same as Windows. I'm not saying you're one of them, but I'm glad
that you enjoy it -- even after all the misaccusations that have been flying
around on the list. Like anything new, it takes time to truly understand.
After a while, it'll really grow on you :-)
> >> I still get the feeling, however, that you are annoyed that GNU/Linux
>
> is not Windows. <<
>
> No, I'm not. I accept the system for what it is, I respect it, and I
> like it. I think most users of the graphical interface would agree that
> there is still work to be done. Things that Windows or Mac OS have
> gotten right ought not be rejected simply because of the source,
> however. Eventually Linux with a graphical interface will be so much
> nicer than Windows or the Mac because the user will have *choice* far
> beyond what can be done in the other OSes. You can set it up exactly the
> way you like and have so many more possibilities.
Hear, hear! However, this is also a major reason why things don't seem so
simple in *nix compared to Windows or MacOS. There are so many different
variations in features and how they are implemented that it is difficult to
design one all-encompassing way of doing something. Windows and MacOS, OTOH,
restrict possibilities to a degree where creating a new feature or
application can be easy. A similar example can be seen in *nix component
architectures. GNOME uses a very flexible system, CORBA. This flexibility,
however, made things more difficult to code, and performance was not great on
slower machines. The KDE group recognised that, and instead made their own
simpler version, KParts. While not as versatile, it wa far easier to code
for, and it was faster. This, IMHO, is a reason why KDE is developing so
quickly. KParts has made code reuse easier to achieve, while maintaining
enough functionality to get things done.
> >> Your "special character" (e.g. cedilla) problem is interesting.
>
> Microsoft tries its best to blur the distinction between elements in its
> OS, as Civileme has noted. In GNU/Linux, on the other hand, packages and
> elements are clear-cut and well-defined. Civileme appeared to be annoyed
> that many people blame the entire OS for little problems like this, <<
>
> It's a MAJOR problem, not a "little problem." It is also not really a
> blurred distinction in Windows--or in the Mac OS. Windows uses the
> so-called Microsoft 1252 character set. This is essentially the Latin 1
> character set with typographical characters inserted into the empty
> positions between 129 and 160 in the 256 available slots. *All*
> applications use the same character set, and all characters can be
> entered from the keyboard (with many languages supported). All TrueType
> fonts in the \Windows\Fonts directory are available to all applications
> for printing, with correct screen rasterization at all point sizes. All
> Type 1 fonts managed by Adobe Type Manager are available to all
> applications for printing and viewing. Character sets are consistent
> across applications. It is seamless and transparent to the user. You
> *never* have to install fonts into applications. The system supplies the
> fonts to the applications. Windows 2000 supports both Type 1 and
> TrueType natively, and Unicode is also supported, though the extent
> depends on the application. Unicode is still fairly new and applications
> have to be written to take advantage of it. Plus most fonts do not yet
> have a full Unicode set of glyphs and many never will. Mac OS operates
> similarly, with a consistent character set available to all applications
> with the same keystrokes.
>
> Lest you think I am viewing this problem through a Windows lens, let me
> quote from the "Font HOTTO" from linuxdoc.org (also installed with
> Mandrake 8 documentation):
> "Installing fonts for WYSIWYG publishing on Linux is a relatively
> complex task... The main reason for the complexity is that the font
> printing system (ghostscript) is unrelated to the screen font system. In
> a way, Linux's left hand does not know what its right hand is doing.
> This problem is nontrivial to solve, beause it is possible that printer
> fonts and display fonts reside on different machines, so there is no
> guarantee that all fonts the XClient uses are printable.
>
> "...It seems that font management standards which address this issue
> would greatly simplify the installation of fonts into WYSIWYG publishing
> systems, because all applications could use a system-wide (as opposed to
> application-specific) configuration."
>
> Read the last sentence again. That's the point I was trying to make. Is
> the author of "Font HOWTO" a fifth columnist as some on this list
> thought I was?<g>
This is all slowly changing for the better. Monolithic apps with proprietary
font sets (e.g. Wordperfect for Linux) are being overtaken by those employing
more standard system-wide techniques (e.g. OpenOffice, GNOME Office and
KOffice). Both KDE and GNOME have their own printing architectures now
(Kprint and GNOME-Print), which AFAIK bypass GhostScript. These will employ
the same fonts as does X.
Unicode is a work in progress, and poses a problem to GNU/Linux in that most
good font sets out there are proprietary. However, as a whole GNU/Linux is
seen to have far better internationalisation support than does Windows. I
remember reading an article about the spread of GNU/Linux in China, which has
been spearheaded by the Red Flag Linux distribution (run by Chinese Presedent
Jiang Zemin's son). Apparently (IIRC), the average number of keystrokes
required to obtain a Chinese character in GNU/Linux is two, compared to about
four or five in Windows.
> >> I still cannot excuse your assertions that logging in as root is
>
> harmless. This has got to be the *worst* thing you can do. <<
>
> I've never made a general statement that logging in as root is harmless
> or ought to be a general practice. I have ALWAYS acknowledged the
> importance of the root/user distinction when multiple users are
> involved. What I have been trying to *find out* (because I do not KNOW)
> is whether the "harmfulness" really applies when the sole user of the
> system is also root. Leaving aside the question of being online as root,
> so far the only harmful thing anyone could suggest as a result of a
> single user working regularly as root is that not being forced to enter
> a root password would make "single user" less conscious of the
> consequences of an action. Frankly, this seems paternalistic to me--as
> if one says, "you are so careless that unless you are forced to think
> about it, you'll do crazy things like delete files and directories
> willy-nilly." Besides, if it's MY system and I mess it up because I was
> flailing about as root, it's also MY problem, isn't it? As long as I'm
> the only one who is suffering the consequences, why should anyone else
> care? If you've warned against it and I ignore your advice, do something
> foolish, and suffer for it, you've done what you were supposed to do and
> are not responsible for my mess. In no way was I criticizing the basic
> design of Linux and I don't know why people thought I was.
>
> As for Internet consequences, I agree that being online as root *may*
> make your computer an easier target for crackers. Again, if a virus or
> trojan affects only my computer, I don't think anyone else need be
> concerned about it. If I'm passing on the virus, then it becomes more of
> a public matter. And if my computer becomes a launching pad for DoS
> attacks because of my lax security, I am part of a problem and failing
> in my responsibility. The question is how secure is secure? If I pass
> every open port test and am using a firewall, can't I feel I am doing
> enough to foil the baddies? I am only looking for answers based on fact,
> not OS religion.
>
> What about this theoretical scenario? Work as root if it's convenient
> and log on as user when one wants to go online. That would preserve my
> responsibility to the online universe, would it not? Especially given
> that I have a dialup connection that is in use *only* when I am actually
> doing something, so it is an unattractive target for crackers. Firewall
> and closed ports in effect, of course.
>
> I really don't want to keep going round and round on this and would just
> as soon drop it. I do feel that some people have overreacted to my
> questions, however. I want to know the genuinely possible bad effects of
> operating as root, both within my system and online, and then I can make
> my own decision accordingly.
Your arguments appear to be sound. If you are not online, you are the only
person able to make modifications to your system. Just remember that over 90%
of system problems are created through user error. If you keep this in mind,
and are careful about what you do, then you should be fine.
> >> your annoyance with typing the root password over and over can be
>
> safely circumvented with user permissions, su, kdesu and sudo <<
>
> Until I asked about this, I did not know about kdesu and sudo, and I
> thank you for the information. Let me ask this: in what way is a user
> with root functions through kdesu and sudo less dangerous than simply
> being root? If you can tell me where to look to find the information,
> you needn't take the time to answer this yourself.
su, kdesu and sudo can be used to give *limited* root access -- just enough
to get your work done. If you load an application with "kdesu -c command",
that and only that application will be loaded with full root privileges. The
root password can be remembered for a predetermined amount of time so that if
you load that application again using "kdesu -c command" within that time
frame, you will again have root access. kdesu can be configured in the KDE
Control Centre (go to Personalisation -> Passwords). This is far more secure
than giving system-wide root access. You can use KDE's help for more
information on kdesu. The su command is a console version of kdesu, and works
in a similar way. For more information, type "man su" or "info su" at a
command line. I have never personally used sudo, so I cannot comment on it
much. What I can say is that is a common tool used by sysadmins, so it is
considered to be very secure. If you have the sudo package installed, you can
type "man sudo" at a command line for details. I'm sure you can find more
user-friendly documentation if you do a web search (try
http://www.google.com/linux).
> I am trying to learn, which is why I continue to ask the questions. If
> you're tired of going over this again, you can decline to answer and I
> won't feel ignored.<g> At any rate, I hope this will be the end of the
> root/user discussions because I think everything that can be said has
> been said.
I agree. It's obvious that you have given this some proper thought, and I
respect your decision.
> Thanks again for your friendly message.
No worries :-)
> --Judy Miner
--
Sridhar Dhanapalan.
"There are two major products that come from Berkeley:
LSD and UNIX. We don't believe this to be a coincidence."
-- Jeremy S. Anderson
