avoinemt at gmail.com
Wed Jan 10 14:24:47 UTC 2007
Thanks for the addendum Peter. I don't know Don and/or Mila's background in
computers but I feel they may be uncomfortable with the many "buzz words"
and commands you used to explain the security matters with Linux. Since
other people on the list that are very new to linux may be interested, I
will add comments to some details.
First I would suggest a (small) bit of reading in Wikipedia where the
command "su" and "sudo" are explained in slightly simpler terms:
Secondly, I think it is important to say that using a tighter security model
in our operating system helps us protect our system (from potential
intruders) by "layering" access to different kinds of resources. In other
words, it dramatically "slows down hackers", considered that the so called
hacker does not have the root password for your machine, in which case your
computer is wide open. However, it does not prevent you from trashing
important stuff and because of how Ubuntu is configured by less experienced
people (including me!), users have the right to do "sudo" at will. In other
words, it won't prevent you from erasing your xorg configuration file,
you'll just have to enter "sudo" and your own password before you do.
Lastly, it is important to mention that Windows also has its own security
model which is much less restrictive but very similar (in some ways) to
linux: you can create administrator and user accounts, which allows a simple
security model for less experienced users. It also offers advanced security
options (that 99% of people don't use, either because they don't know it
exists or it's too complicated to understand) that allows an administrator
to put rather fine boundaries to prevent other users from trashing the
That's about it. Hope it helped you understand the differences between
windows and linux on this aspect.
On 1/10/07, Peter Whittaker <pwwnow at gmail.com> wrote:
> On Mon, 2007-01-08 at 09:55 -0800, Don and/or Mila Trombley wrote:
> > I am wondering if one can get into or load Xubuntu, as a new system,
> > without having to put in a System administrator name, and Password, for
> > now, considerring that I do not wish to put it on-line, until I am
> > fairly able to understand how the system works i.e. as an 'open' root
> > w/o password, Then, later, Lock the System when I am ready to connect it
> > to the Internet, or as a private network?
> Rather than being add-ons or after thoughts, passwords and permissions
> are an integral part of a Linux system: They *are* how things work.
> To really understand how to use and administer a modern Linux distro,
> one really should work through sudo and su: Set up a user account,
> enable a root password, and do your thing. When you run into problems,
> one of the first questions to ask will be "what permissions are required
> to do this thing?" You will learn an awful lot working that way.
> This isn't pedagogy by repeatedly banging your head against the wall,
> it's getting used to working with an OS with a security model. It may be
> frustrating at first, but you'll be glad you did it that way in the end.
> One of the things that led to Windows dominating the world
> (https://launchpad.net/ubuntu/+bug/1) is the lack of security model:
> Anyone could do anything at any time! This made is easy to get things
> done, since there were absolutely no impediments to adding, modifying or
> deleting files, adding or removing software, etc.
> Wow, greased skids!
> Of course, that led to viruses, spyware, and a host of other problems:
> Since there was no security model, anyone could anything....
> The Linux (and Unix) model of restricted permissions protects us from
> "the others" (at least to a certain extent).
> This model also protects us from ourselves! As a regular user, you
> cannot accidentally install something in the wrong place, accidentally
> delete the wrong thing, accidentally run the wrong thing, etc.
> Running as root is the wrong thing to do, because it encourages bad
> habits: Rather than learning about Linux, a "run as root" user is
> treating their Linux box like a Windows box, and is going to destroy
> something sooner or later.
> So set a root password, learn to use su and sudo (you'll need to visudo
> to set up sudoers to give yourself proper sudo permissions before you
> can usefully use sudo), and work within the model: It works.
> Now here's your "snatch the pebble from my hand" puzzle: I want to
> append some file system information to /etc/fstab; why doesn't the
> following work when running as a regular user (albeit one with sudo
> $ sudo echo '/dev/hda3 /hda3 ext3 defaults 0 0' >> /etc/fstab
> $ sudo mount -a
> ??? For bonus points, describe at least four other ways to do this, from
> the command line, only one of which uses an editor, and only one of
> which uses su.
> Don't you love Linux? :->
> ubuntu-ca mailing list
> ubuntu-ca at lists.ubuntu.com
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the ubuntu-ca