Re: TO HELL WITH IT THEN... <- Er, I meant commercial ISV/developer

From: Bryan J. Smith (b.j.smith@ieee.org)
Date: Sat Jul 22 2000 - 20:56:54 EST


"Mike A. Harris" wrote:
> You bring up a very good point here as well. I'd like to add to
> it that this will mirror itself into the Linux environment as
> well. Let's say tomorrow everyone woke up with Linux on their
> computers - having replaced windows overnight magically, and that
> all of their windows knowledge was transplanted into equivalent
> Linux knowledge.
>
> The EXACT SAME stupid things, and insecurities would occur. Joe
> Blow running netscape as root and getting a buffer overflow, or
> ILOVEUNIX virus, or similar. No different really. Things would
> be slightly better, but the USER is the problem here, not the
> OS. Linux would likely prevent more things from occurring than
> does NT or W2K, but it can't stop a dumb user or careless user.

Er, I was, more or less, looking at this from the "commercial
ISV/developer viewpoint" rather than the user. I actually see some
of the Windows commercial developer attitudes in some UNIX
commercial endeavors, but far, far less frequently. I bet a bit has
to do with the free chastising users can do in the UNIX world
whereas "Microsoft partners" are virtually under the "monopoly
umbrella" (and this is well documented and even gloated by
Microsoft).

Some has to do with the UNIX OS design, it's fully multiuser so you
have to be careful when designing it (whereas Microsoft takes the
stance: "don't make NT Terminal Server publicly available"). Plus
there is the well-defined, well-understood, user-space,
process-driven, etc... multi-user view of UNIX development. Both
have a major historical background behind them, whereas Microsoft is
only 5 years old from a public networking perspective -- heck, when
UNIX was dealing with Morris' worm, Microsoft OSes were barely
learning NetBEUI (let alone even thought of using IP).

It will be interesting as more Windows tools come over to
Linux/UNIX, like Borland's Delphi. And where Delphi does have a
heavily mature developer following, other developments like
VBasic/ActiveX emulators/interpreters still scare the crap out of
me. If they translate into GCC, that is fine, but if they run
natively as root ... let's just burn the Linux kernel source now!
Again, we'll see if the UNIX user/admin community will allow these
vendors and their products to survive if they make such destructive
moves.

Now from the user standpoint, you're right on some counts -- like
the fact that some users will run as root. But it _can_ stop a dumb
or careless user more than Windows NT/2000 at least, because a
number of elementary libraries in the latter are not built for a
multiuser environment (whereas GLibC is). Again, it comes down to
the developers more than the user in many cases (other than the
"running as root" case). A good example of developer conformity in
Linux is in the gaming arena where it is no longer a requirement to
run as root for nearly all functionality (or performance).

So the only remaining question is, will the future, greater populace
of Linux/UNIX users let down their guard on security and common
multi-user sense for some eye candy features? A good indicator that
Linux is headed for Windows-like disaster would be the acceptance of
rampant setuid on most programs (although some would argue RedHat is
already guilty of this ;-).

> heheh. Well, it's good to see World Domination 101 having an
> effect. Completes the control-feedback loop. ;o)

So far I think we're safe. I've only had to chastise one user for
running as root for more than a month. ;-> We'll see though.
Nothing scares me more than VBScript/ActiveX products for Linux or
rampant setuid, both of which seem to be increasing in use.

-- TheBS

-- 
Bryan "TheBS" Smith, Engineer                  CONTACT INFO
***********************************************************
 Chat: thebs413 @ AOL/MSN/Yahoo (see http://Everybuddy.com)
Email: mailto:thebs@theseus.com,b.j.smith@ieee.org
 Home: http://www.SmithConcepts.com
