They are not necessarily Linux bugs
|
| Author | Content |
|---|---|
| ffiorese Oct 22, 2004 11:34 PM EDT |
It's the same story. The "press" advertises for Linux bugs but in effect they are bugs related to applications/libraries included in Linux. One could not affected by these bugs if uses different a browser (like Konqueror or Opera for example), a different PDF viewer (like the Adobe one)... Also it's not really true that an hacker could possibly execute "arbitrary" code on your PC and do an important damage. On a well configured system it's still very very difficult. |
| mojavelinux Oct 23, 2004 8:24 AM EDT |
Executing arbitrary code on Linux is a myth. Why? A Linux user cannot execute arbitrary code. Even the most damaging program in the world (something like rm -Rf /) can only do marginal damage to a system. Properly secured systems will only allow damage to documents and settings. In Windows, especially older versions such as Windows 2000, most users have the Administrative role and could really tear up a system. Even without the Administrative role, system files can be changed or removed by a user. So Linux really is that much more secure and the reason is extremely simple. Users cannot be trusted. |
| Trevelyan Oct 23, 2004 1:05 PM EDT |
What more important to _you_, the stuff in /usr, /lib, /etc.. etc
or /home/you ? The first is safe, but relatively easy to replace, even without backups. The second you have write access to, and will most likely contain your most important and ireplacable files. Even worms and trojans can work, although they can not bind to ports below 1024, they probably wont need to. You may be including backups as a properly configured system, but not having root access does not prevent damage. True your user cant touch the system, or other users files, so they are safe. But your not, and to most people its the safety of their own stuff thats most important. A Joe Blogg's Desktop install is probably a used by a single (login) user any way. Despite all this, Linux (and its UNIX siblings) is still inheritenly more secure then MS Windows, (as you touched upon) because from its start it was designed to be multi user. MS Windows never was (nor even designed to be connected to a network) and MS are now backpeddling on earlier poor design choices. |
| mojavelinux Oct 23, 2004 5:40 PM EDT |
After reading the last response I realize that I missed an important point. Yes, a user's documents are vastly more important to that user than the stuff in /usr/lib, et al. However, the most critical safety guard is your protection from OTHER users. If some moron downloads a virus that wipes out his home directory, your home directory is not affected. I think it is more the cross over of user accounts, rather than the effect on system files, that makes a multi user operating system so crucial. Fires are contained. In the end, security of one's own files depends on one's self. Naturally any good program will warn the user as much as possible, and make conservative, or even protective, decisions. But an operating system cannot prevent you from terminating your own files. You do have a responsibility for protecting your own data. The biggest problem with MS security right now is that programs are allowed to run rampant over the system without any checks and balances, and with absolutely no warning or precautions. |
Posting in this forum is limited to members of the group: [ForumMods, SITEADMINS, MEMBERS.]
Becoming a member of LXer is easy and free. Join Us!