Flexibility IS a Killer Feature
|
Author | Content |
---|---|
phsolide Feb 11, 2011 3:27 PM EDT |
Yes, flexibility of linux is indeed a killer feature, but in a literal way. As near as I can tell, big companies, corporations, want to "lock down" their employee's desktops, and the servers as well. Experience with Windows and other Microsoft "products" has taught the operations part of IT departments that *any* difference is BAD, BAD, BAD. Someone adds an executable to C:\WINNT\SYSTEM32 and whole corporate networks have gone "poof"! Think of January, 2003. That was the SQL Slammer worm's heyday. A lot of corporate networks had maybe one visitor bring in SQL Slammer on a laptop, and that causes a month of cleanup. Linux you can't really "lock down" right now. The whole philosophical basis is more like English Law (whatever isn't forbidden is allowed) rather than the Roman Law of WIndows (whatever isn't approved is forbidden). I've taken advantage of this in the past, putting zsh and vim in $HOME/bin because the only "approved" shell is (ickk) Korn shell. At some jobs, I've built up almost an entire userland in $HOME/bin because they didn't have modern make, up-to-date C compilers, Tcl/Tk, etc etc. Because of the Control Freak nature of corporate overlords, they'd rather force some half-wit, buggy, modal MSFT junk on everyone, rather than risk someone doing something partly bad. It's called "Best Practices", and it's the Enemy of the People. |
Steven_Rosenber Feb 11, 2011 3:48 PM EDT |
I don't know about the rest of you, but in my shop there has been a very noticeable uptick in the number of viruses on our XP boxes, which do run antivirus. |
Bob_Robertson Feb 11, 2011 5:03 PM EDT |
Steven, it's an arms race. Just like antibiotics, there's always a better computer virus next down the tubes. Phs, I have to ask, why not lock down Linux? A firm can choose a particular desktop and application suite, and install only that on every persons's machine. Or they can be more flexible and use more. The assumption that it must be Windows is what must be challenged. Once past that, everything is easier. |
JaseP Feb 11, 2011 6:30 PM EDT |
@ phsolide, It's not just M$, it's corporate culture & the Six Sigma set, as well. Consistency = efficiency, & inconsistency = disruption/poor work-flow. Even if viruses were not a factor, the corporate mentality is an Orwellian ideal. The "suits" want to believe that they are the only ones with ideas, & that workers are inherently stupid, lazy & prone to error. |
jdixon Feb 11, 2011 10:59 PM EDT |
> The "suits" want to believe that they are the only ones with ideas, & that workers are inherently stupid, lazy & prone to error. When it can easily be demonstrated that, in most businesses, the day to day workers know and perform their jobs quite well and it's management which routinely makes the stupid mistakes. |
TxtEdMacs Feb 12, 2011 7:44 AM EDT |
Quoting: [...] it's management which routinely makes the stupid mistakes. Excuse me! All this time I thought it was in their job description. How else can you run a good company into the ground to make room for the innovative small fry that are still in their infant stage? Just perceive it to be a mechanism for introducing a new aspect into enterprise genomes. Darwin's Law of Economics YBT |
Bob_Robertson Feb 12, 2011 8:46 AM EDT |
> Darwin's Law of Economics Ok, I'll run with this. The phenomenon being discussed is one of the attributes of bureaucracy. Yes, the people with their feet on the ground doing the work know how to do that work better than the managers do, but that's not what makes managers stupid. Good managers don't bother themselves or their team by even trying to know how to do exactly what is being done. They concern themselves only with that it get done, and that the team members have the resources to get it done most efficiently. That's why small companies can make such huge impacts on an industry. But then bureaucracy sets in, and in a bureaucracy the ones who to well are the ones who concern themselves with the success of the bureaucracy itself. I don't find the Yes, Minister clip online, but it's from Episode 2 I think. Applebee says to Bernard, "Larger staff and a bigger budget are the measures of success in a bureaucracy. A larger staff means a successful department." So no matter how much a business starts out rewarding efficiency, there will come a time that _inefficiency_ is what is rewarded. And those managers who make the bureaucracy their priority will be more successful and rise to the top. This is why companies often try to "break themselves into smaller business units" in order to be more efficient. In order, in fact, to stymie the bureaucrats themselves. |
Sander_Marechal Feb 13, 2011 8:09 PM EDT |
@Phsolide: I don't agree. In my experience Linux is easy to lock down. Windows is a nightmare. |
mrider Feb 14, 2011 12:19 PM EDT |
Quoting:'ve taken advantage of this in the past, putting zsh and vim in $HOME/bin because the only "approved" shell is (ickk) Korn shell. At some jobs, I've built up almost an entire userland in $HOME/bin because they didn't have modern make, up-to-date C compilers, Tcl/Tk, etc etc.How far would you have gotten if the computer were setup with separate partitions for /tmp and /home and both were mounted no-exec? |
phsolide Feb 14, 2011 4:50 PM EDT |
How far would I have gotten under those conditions? Not far, clearly. But I didn't put any effort into skirting that rule, either: $HOME/bin was easy enough. There's always /var/tmp, a neglected area where you can stash many megs of goodness, and nobody ever seems to notice. Sometimes a /usr/local/tmp directory exists. While I'm sure that you guys make good points about locking down linux, it's very flexibility does aid in wriggling out from under lockdowns. I think the real concern in corporate IT operations is unfamiliarity, really. They don't know, it was hard to learn Windows and get it "locked down" (for certain values of "locked down"), so it's going to be harder to get Linux "locked down". Doesn't matter that remounting with a no-exec option makes Linux more locked-down than Windows 7, the conversation has already been framed. |
herzeleid Feb 14, 2011 6:38 PM EDT |
Quoting:While I'm sure that you guys make good points about locking down linux, it's very flexibility does aid in wriggling out from under lockdowns. Only if it's not actually locked down. The possibilities for abuse of world writable directories are well known to *nix system administrators. |
Steven_Rosenber Feb 15, 2011 7:28 PM EDT |
I ran ksh for awhile in OpenBSD. It's not Bash, but it's not bad, either. A good reference (including the man page) is a big help. The "Unix: Visual Quickstart Guide," by Deborah S. Ray and Eric J. Ray, 3rd edition or older, has a lot of ksh material in it. I highly recommend picking up a cheap, used copy. The newer versions are more Linuxy, and they dropped ksh. I don't blame them for that - almost nobody uses ksh, and those who do are geeky enough not to need the book. But if you want to get around in OpenBSD with the default ksh, a little help is a nice thing to have. |
Posting in this forum is limited to members of the group: [ForumMods, SITEADMINS, MEMBERS.]
Becoming a member of LXer is easy and free. Join Us!