One of the biggest reasons for many people to switch to a UNIX desktop, away from Windows, is security. It is fairly common knowledge that UNIX-like systems are more secure than Windows. Whether this is true or not will not be up for debate in this short editorial; I will simply assume UNIX-like systems are more secure, for the sake of argument. However, how much is that increased security really worth for an average home user, when you break it down? According to me, fairly little. Here's why.
To view parent comment, click here.
To read all comments associated with this story, please click here.
Member since:2005-07-10
AdamW,
"1. www.reallycoolsoftware.com/shinythings.rpm
2. double click the rpm"
You seemed to have missed some other security points related to package management in Linux distributions. After doing what you said the Linux distribution would first request a Root (Administrator) password prior to opening the package manager such as YAST. YAST would then verify the digital signature is valid for the package, check for any dependencies/conflicts and install the software. Unlike Windows where the user double mouse clicks on the "packagename.exe" and it installs to the system. By defualt installation set-up Microsoft makes all users for Windows have Administrator (Root) access and leaves it up to the end user to create Limited User accounts. This is unlike Linux distributions where users are set up in the beginning to have Limited User rights.
It is typically a Windows system Administrator headache to get applications to run properly on Limited User accounts with out opening to much security. Hopefully when Windows Vista is released Microsoft will hold true to their promise to make the system more secure unlike how it is today. Such as everyone runs as Limited Users by default, except the Administrator account which is not visible and only accessible with the Administrator password.
Member since:2005-12-28
Member since:2006-02-06
You've obviously got no idea of how an rpm is installed. A user would have to have administrator level priviledges to install anything. Also, it's a pretty strange *nix system that would actually work by simply clicking on the file... Every setup I have ever seen required the user to follow through with some type of package manager (YAST, ap4rpm, SOMETHING) and that exponentially reduces the chances of this happening. Besides, again we are talking about user abuse of the system, something NO OS, EVEN LINUX, BSD and the rest of the *nix, can ever do and still be a useful tool or toy for the user.
Member since:2006-01-06
Virus writers are a bit more clever than you're giving them credit for. They don't need to execute their code from a rpm at all. The best choice is from firefox or another browser. They can trigger a buffer overflow and then use that launching pad to trigger additional buffer overflows in the Linux kernel (they have to find them first, but nobody should be daft enough to suggest that they don't -- or can't -- exist), since one was found as recently as November 2005 (http://secunia.com/advisories/17384/).
Member since:2006-01-09
Member since:2005-07-02
Member since:
2005-07-06
1. www.reallycoolsoftware.com/shinythings.rpm
2. double click the rpm