Linux security

Michael T. Richter ttmrichter at gmail.com
Sat Apr 29 01:24:03 UTC 2006


On Fri, 2006-28-04 at 23:03 +0100, Daniel Carrera wrote:

> Daniel: Linux is more secure than Windows.
> MS guy: Why?
> Daniel: It has better separation of priviledge (sudo, chroot)
> MS guy: But that won't protect the user's data which is what
>          really matters.


The problem is twofold.  First you've spotted the issue of user data
(which is all that users care about).  Second, if the MS guy actually
knows the platform, he's going to call bullshit on the separation of
privilege as well.

I can go right down into the nitty-gritties, in Windows (NT+), and say
"this file is only readable to this one user, only executable by this
one other user, can be write-appended (but not read) by this group of
users and can be read/write accessed by this other group over here".
Nothing in sudo/chroot/et al gives me anywhere near that level of
security control unless I include an add-on that's subverted by half the
utilities out there.

> MS guy: What really matters is user data, and separation of priviledge
>          won't protect that.
> Daniel: Actually, user data is not what matters most becasue ...


User data is all that matters.  You just have to expand the horizons of
an average user to include other users.  It is a conceit of software
geeks that the system is what matters.  The system don't matter a damn
except insofar as flaws in the system can impact user data.  Any other
view is, frankly, idiotic.

--
Michael T. Richter
Email: ttmrichter at gmail.com, mtr1966 at hotpop.com
MSN: ttmrichter at hotmail.com, mtr1966 at hotmail.com; YIM:
michael_richter_1966; AIM: YanJiahua1966; ICQ: 241960658; Jabber:
mtr1966 at jabber.cn

"Thanks to the Court's decision, only clean Indians or colored people
other than Kaffirs, can now travel in the trams." --Mahatma Gandhi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20060429/e0bc6aa5/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20060429/e0bc6aa5/attachment.pgp>


More information about the ubuntu-users mailing list