Linked by Howard Fosdick on Mon 24th Jun 2013 03:00 UTC
Linux I volunteer as tech support for a small organization. For years we relied on Ubuntu on our desktops, but the users didn't like it when Ubuntu switched to the Unity interface. This article tells about our search for a replacement and why we decided on Xfce running atop Linux Mint.
Thread beginning with comment 565466
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[2]: Partition lock-down
by Kochise on Mon 24th Jun 2013 12:17 UTC in reply to "RE: Partition lock-down"
Kochise
Member since:
2006-03-03

Wasn't my first Linux install, had Ubuntu (from 7 to 10) without any problem and Fedora (which Anaconda's default behavior was to aggregate my ext3 partitions altogether, thus destroying my Ubuntu install and messing my MBR).

Tried Linux Mint 13, was pleased by the system, but was restrictive as hell :

The system partition (32 GB ext3) had the system installed on it, the swap partition (4 GB swap) and the data partition (200 GB fat32) had nothing on it, it was just purposed to store... guess it : data !

When I wanted to open/copy files on the DATA partition, Linux Mint shouted at me that I don't had enough privilege (as root !) to access it. And it's an offline ARM cross development PC.

I'm a geek though, but I do not expect to have to fine tune somewhere in the system the access to my DATA partition freshly formated of my newly installed system.

Security ? Paranoia !

The installation went pretty straightforward though, so imagine my frustration, and consider the newbie's, when you cannot use you locked down -"for security reasons"- computer.

It's Linux, the malwares and security holes aren't supposed to mirror Windows' ! So what's the point ?

If I quit Windows not to fight malwares and security holes anymore, it's not to find other flaws to chew on. If Linux cannot hide its "secutiry" behind the hood and had to put your nose into configurations files to "feel the power of the security by restrictive accesses" then I'm gonna quit immediately.

This is madness !

Kochise

Edited 2013-06-24 12:28 UTC

Reply Parent Score: 3

RE[3]: Partition lock-down
by Laurence on Mon 24th Jun 2013 13:13 in reply to "RE[2]: Partition lock-down"
Laurence Member since:
2007-03-26

The system partition (32 GB ext3) had the system installed on it, the swap partition (4 GB swap) and the data partition (200 GB fat32) had nothing on it, it was just purposed to store... guess it : data !

Is that the default auto partitioning? I'm more miffed why there's a FAT32 partition. That's just wrong. If it's a Linux only set up, then it should be running ext3 or ext4. If it's to be shared with Windows, then it should be ext3 (there are ext2&3 drivers for Windows) or NTFS. FAT32 should NEVER be used to store "data". So if that's a Mint default, I'm very disappointed.


When I wanted to open/copy files on the DATA partition, Linux Mint shouted at me that I don't had enough privilege (as root !) to access it. And it's an offline ARM cross development PC.


As I've already pointed out. You wouldn't have been root. Mint (like Ubuntu) doesn't assign a password to root so you cannot even log in as root. Thus you'd have been a regular user.

Security ? Paranoia !

That's what they all say until their computers are infected with all sorts of crap...

It's Linux, the malwares and security holes aren't supposed to mirror Windows' ! So what's the point ?

That doesn't even make sense. You're complaining about security features. ACLs and other access permissions are not malware.

If Linux cannot hide its "secutiry" behind the hood and had to put your nose into configurations files to "feel the power of the security by restrictive accesses" then I'm gonna quit immediately.

How would you suggest we secure computers without user access controls? It's my day job to implement security procedures, specialising with Linux and UNIX (I'm not making that up either!) and I can't think of a better foundation to begin with. At some point in the stack, you're going to need to know who's using the computer and whether they're allowed to access that subsystem. And whichever way you try to implement that, you ultimately end up with a list of users and permissions.

This is why your arguments about computer security really don't make any sense. Granted, in this particular instance the workstation is intended to be kept offline. But since you're the one arguing about noob-friendliness, it makes infinitely more sense to assume that all the Mint desktops are going to be connected to the internet than have all the security turned off by default and expect those users to turn them on manually (but don't take my word for it, let's just look at Windows 95 through to Me and how well it's security model worked).

Reply Parent Score: 5

RE[4]: Partition lock-down
by l3v1 on Mon 24th Jun 2013 14:09 in reply to "RE[3]: Partition lock-down"
l3v1 Member since:
2005-07-06

FAT32 should NEVER be used to store "data". So if that's a Mint default, I'm very disappointed.


It most certainly is not. Whatever happened there, I can't easily believe it's LMint's fault. Been using it for 3 versions now at work in VBox, never seen anything like that happening.

Reply Parent Score: 4

RE[4]: Partition lock-down
by Kochise on Mon 24th Jun 2013 15:24 in reply to "RE[3]: Partition lock-down"
Kochise Member since:
2006-03-03

Is that the default auto partitioning? I'm more miffed why there's a FAT32 partition. That's just wrong. If it's a Linux only set up, then it should be running ext3 or ext4. If it's to be shared with Windows, then it should be ext3 (there are ext2&3 drivers for Windows) or NTFS. FAT32 should NEVER be used to store "data". So if that's a Mint default, I'm very disappointed.

As I've already pointed out. You wouldn't have been root. Mint (like Ubuntu) doesn't assign a password to root so you cannot even log in as root. Thus you'd have been a regular user.

See my answer in another comment above...

"Security ? Paranoia !

That's what they all say until their computers are infected with all sorts of crap...
"
Malwares ? On Linux ? Babylon toolbar ? McAfee anti-virus ? ...

"It's Linux, the malwares and security holes aren't supposed to mirror Windows' ! So what's the point ?

That doesn't even make sense. You're complaining about security features. ACLs and other access permissions are not malware.
"
Access permissions ? So with Linux Mint, when I install the system, instead to lock things, I have to unlock them ? How convenient.

How would you suggest we secure computers without user access controls?

Preventing the user to access the computer to prevent him making mistakes is sure quite a strange behavior. An operating system turned into a denying access system, that doesn't makes sense. I'm sure there is other ways to "protect" the system. Firewalls, etc, but not locking down the computer.

And whichever way you try to implement that, you ultimately end up with a list of users and permissions.

Sure, when you start having more than one registered user. But when there is only ONE f--king account, why the need to lock EVERYTHING when an access password would be enough ?

This is why your arguments about computer security really don't make any sense. Granted, in this particular instance the workstation is intended to be kept offline. But since you're the one arguing about noob-friendliness, it makes infinitely more sense to assume that all the Mint desktops are going to be connected to the internet than have all the security turned off by default and expect those users to turn them on manually (but don't take my word for it, let's just look at Windows 95 through to Me and how well it's security model worked).

Like I said, preventing the user to access the computer, then the internet, for the sake of "safety" is a pure non-sense, especially on Linux. I don't see what are the threats to the system. Active X ? Sony's root-kits ? IE exploits ? SWF trojans ? Come on...

Kochise

Edited 2013-06-24 15:25 UTC

Reply Parent Score: 2

RE[3]: Partition lock-down
by acobar on Mon 24th Jun 2013 23:17 in reply to "RE[2]: Partition lock-down"
acobar Member since:
2005-11-15


The system partition (32 GB ext3) had the system installed on it, the swap partition (4 GB swap) and the data partition (200 GB fat32) had nothing on it, it was just purposed to store... guess it : data !


I may be wrong but the last time I checked, and it was a long time ago, you had to resort to some not trivial steps to create and use a fat32 partition with more than 32GB. Perhaps, was this the root of the problem?

Reply Parent Score: 2

RE[4]: Partition lock-down
by zima on Tue 25th Jun 2013 18:00 in reply to "RE[3]: Partition lock-down"
zima Member since:
2005-07-06

It was just a limitation of some partitioning tools (most notably the one in Windows), fat32 itself is easily capable of more than 32 GiB.

Reply Parent Score: 2