can we find a solution to bug #820895 (show Process Name in log files) (imaginative solution/description presented)?
dmutters at gmail.com
Wed Feb 8 19:00:30 UTC 2012
> Stop throwing around privacy like there is some big security flaw in
> Linux, there are tools that do what everyone wants, it seems to me
> that nobody is willing to even look or everybody is fed baby food,
> what is the point of being on Linux if you aren't going to use the
> terminal for what it's there for? Try searching for once.
As someone whose spent a lot of time on distros like Slackware and Gentoo,
as well as having used Ubuntu since Warty Warthog, I have a good bit of
experience with the command line, including tools like Shorewall, plus
writing some basic IPTables scripts; but I still would love to have a
decent, comprehensive (within reason) GUI tool to deal with these issues.
It's simply impractical to dig through my system's log files (by hand)
every time I want to figure out what program is using my Internet
connection without my permission. Yes, I can and do use the command line
(including some minor BASH scripting); but sometimes the point of a good
GUI tool isn't *exclusively* to allow *newbies* access to something, but
also to provide seasoned users an *easier and more efficient way* of doing
what they can already accomplish, given enough time and effort.
Tools like Firestarter have, in my experience, proven rather "hacky" and
inadequate. Furthermore, it's not always clear what ports need to be
blocked, based on log files, alone; some programs use a large range of
more-or-less random ports, and one may or may not want them to be able to
do so; but documentation on such things isn't always as good as it aught to
be, and Google (contrary to popular belief) doesn't actually know *
AppArmor seems like a good start, but it's far from accessible to most
users--unless they want to spend a lot of time figuring it out, which might
not be practical in a given use case. The same goes for SELinux--perhaps
doubly so. They're good systems, in principle, but not something that even
a Linux "power user" can fiddle with and reliably avoid breaking (nearly)
everything on his computer, unless he's spent far too much time studying
how they work.
A well-thought-out GUI tool, programmed by those who actually
*do*understand these things will allow the otherwise perplexing and
tasks required to enable/disable basic functionalities to be accomplished
by checking a box, typing in an executable name, etc. I know that this
sort of thing rubs the command-line enthusiast crowd the wrong way--I was
up-in-arms when MS Windows ceased to be strictly a DOS-based application!
(I even wrote a slam poem about it...)--but there's definitely something
good to be said about making simple functionality into *simple* processes;
and GUIs are typically very good at this.
Let's just make sure that those who understand the CLI way of doing these
things don't have to jump through hoops to do it (as has happened with MS
Windows, Suse Linux, etc.), while allowing those who don't understand it to
"get the basics done," anyway.
Thanks for reading.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Ubuntu-devel-discuss