-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, Aug 16, 2005 at 08:21:27AM +1000, Paul Trevethan wrote:
> > > While I believe that Lindow^H^H^Hspire is a wart on the face of free > > > software, I was shocked to see Ubuntu seemingly taking the same > > > path. Am I missing something? > > > > Yep - the difference between running every process as root and secure > > access to administrative functionality via sudo. :-) It's still kind of risky to have a normal user running with unrestricted sudo rights, not as risky as running everything as root. Malicious software that has taken over the user's account can usually find a way to trick them into entering their password, especially when they are in the habit of entering it at various times anyhow. It's nice to have root as a DIFFERENT password because it provides a warning flag to the user. > Also, is it not true that Ubuntu's action with regard super user rights > only applies to the first user created during install. All subsequent > users created do not display these "sudo" traits and behave as a > normally restricted user on any other Linux (apart from Lindows). > > So, on install create a user called "lord" or such. Then when > installed, create all the other "standard" users you require. Yes, this is a sensible idea, isolate the danger as much as possible. Probably most ubuntu users don't understand they should do this, then again, in a desktop-oriented operating system security is typically going to be a bit more lax than in a server-oriented system. > My view is that Lindows, in its attempt to be so much like Windows to > supposedly make it easier for 'crossover', has in fact become so much > like it to include its security vulnerability. Why not stay with > Windows? Price... freedom... attitude... I think it is an excellent thing to have a Linux distro that has the stated purpose of being as similar to Microsoft as possible. I wouldn't use it myself but I fully encourage anyone else to use it if (and only if) their main criteria for measuring technological progress is comparing things to Microsoft. For example, each and every time someone does a review of Debian or RedHat and comes to the conclusion "It's not like Microsoft", the reply should always be a resounding, "You should be using Linspire, go review that instead". This leaves the rest of the Linux community to go and do things that are not identical to Microsoft. - Tel -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (GNU/Linux) iQIVAwUBQwMfCsfOVl0KFTApAQIJiw/9FTfMh0bRImSBV80WinSEs1Lbf5p6/tPA Rts/lueO3towy49IxcABXbdOZzfFPwDadYRgr4sBwCob880G2wdNJau5hb27WJl0 z5P1dS3hPRUjkNPUPnN9l4Wc5JARhP8EpjW9qt5asdyRMK0xN+mGiVIu3I/cJbkm 1g1L3o+rvmQ95Ld9u63yeDJQyegGvB+GsMQdEIFcQEHdSFMOZXfclzGP7AIcl+Wl ViUjBkOj6q7Ga2qTVODnV78bvft0q8bSbpgGjksQ/25KVm7PfHQCiyHtGVfpzQBk +iaG1GsvgqQnaWPmuqY1LTvlXhdkUmr7tjEcGBYjDrL4uvDWYEZUNmKyv1wSiAqP XJ2BMSnXG2q3wFkdBXgWWOh2+Dk5boTddWKKli0O2IT3cumV+BxLjOzHaBrrLfcD HGd4uh9rq0GBIR2YHFKfIk0GlupU/usq2/PCHGPCvynhxfg40/6gE53b9d1/wp8k wSTH9ojWvwZR7vCuVeaYGQaJ0UvSHpob377oJRJWPiq/B1eYXRI6b2jYwRL+Lekq qtzB65Xk4HMB3lIZnd6XXDQeWquW0WaRrypSeptdd2/kdfVZWEozNR1AVqiMPH31 D6J6ZswYzc60l2f1a8M7047wa0VDsl2BMwkE3YkaSCJlqB2CrTqJDvibszy9VkPA CFJgogV0d3Y= =pcJN -----END PGP SIGNATURE----- -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html