"Linux is better thought-out than Windows"

realJSOP

The commandline is available to any process running under any account, and therefore it's wise in that instance to ask for credentials before shutting down (guards against remote shutdown). The UI, on the otherhand requires the user to be sitting there, and shutting down is a deliberate act, thus, no credntials required. I'm not sure, but requiring credentials before shutting down via the UI might be subject to a a system setting. I don't know for surem, but it's something to investigate if you are so inclined.

".45 ACP - because shooting twice is just silly" - JSOP, 2010
-----
You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010
-----
When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013

kalberts

Wasn't the source code for VMS released to the public a few years ago? Then I guess it would just to rewrite the HAL - VMS was ported to both the Alpha chip and Itanium, so they probably have defined some useful hardware abstractions ... and Wikipedia also claims that "a port to the x86-64 architecture is underway". Wikipedia says that OpenVMS is closed source(!), but the section "Hobbyist programs" suggests that it is open for hobbyist and non-commercial use. So even if my memory is wrong about it being made "fully open" fairly recently, you could at least call it "ajar software" :-)

kalberts

Side tracking a little: Raymond Chen, in his delightful book "The old new thing" (based on his equally delightful blog of the same name, [^]) he tells about this web server that just had to be available 24/7, but some memory leak made it crash every now and then, every few days. To keep the service running while they debugged the software, they replaced the server with a small cluster and a load balancer: Whenever one of the machines were reaching memory saturation, it was taken out of the cluster and rebooted. In the meantime, the other machine served the users. Later, the other cluster node would be the one to be taken out and rebooted while the first served the customers. They did find the memory leak, and the installation could go back to single server operation. (There was no need to run a cluster for performance reasons.) Thumbs up for "The old new thing", both book and blog! The book is fun, but you can actually learn a whole lot from it, especially about legacy and backwards compatibility. (And especially if you just completed your degree and have very limited experience in the commercial world.)

Nathan Minier

Well, first, if you install a graphical UI on a system that runs production-critical tasks, you're doing it wrong. Second, the UI systems I've seen use dmesg to bypass the normal IO flow, and assign permissions to grant permissions to the UI, not the user, to perform tasks such as shutdown and network configuration. It does this specifically so the system can have base-level users that don't want to get into the system administration game. If you don't want to UI to have those permissions....remove those permissions. It's not terribly hard, and it's generally not an oversight.

"Never attribute to malice that which can be explained by stupidity." - Hanlon's Razor

TheRaven

Amazing observation; more than an oversight, it's an issue most likely avoided as I'm certain that (OP), myself and many others have seen this and wandered what the deal is. DE and DM software generally run in a SuDo style mode with certain privileges one of which is shutdown & restart among others. One reason (or several actually) that most old hand system administrators prefer to run Linux & BSD systems via the prompt rather than installing anything like a GUI desktop environment --security concerns, stability (some apps may not function correctly without special privileges) and most times GUI clutters their workspace. Anyway, Linux like any other operating system is subject to developer over sight else we wouldn't need security patches and new kernels. Additionally, Linux is not better thought out than Windows it is implemented in a way that the particular distribution is laid out logically if anything. Windows on the other hand could still benefit from better directory structure and more "in-your-face" security and systems management for those whom not a current copy of the contemporary Windows System Administrator Guide on hand. Neither O.S. is close to perfect and the sooner everyone accepts the fact the sooner things can get rolling again toward better security and stability --right after we get away from Intel's Spectre-Meltdown platform (makes you wander if Intel isn't in anti-virus software investment portfolio somewhere in the shadows, hunh)... Good article regardless.

I was unaware of that...

kalberts

I don't know where you got that subject line from, but... Linux is a Unix clone; its architecture is a carbon copy of Unix. And Unix was never planned, designed. The *nix process concept was a created as a mechanism to let the space ships of the Space Invasion game to come increasingly closer while you were scratching your head. The shell is the Space Invasion command interpreter loop. They needed a language for programming the whole thing, and threw up a number of language constructs in a messy pile - C is the most explisitly non-designed language that I have ever come across. And it shows! I would be curious to know where this "though-out" is found. Most of the thinking has been spent on "How shall we clean up this terrible mess?" To some degree, the question has been evaded by stating "That is not our problem" (e.g. higher level protocols, file system structures, synchronization, shared data, user identification) - keep it simple; if it simpler than necessary, claim that it improves clarity! Slowly, a few mechanisms crept in: Existence of a file was replaced by a binary semaphore (so that we didn't have to worry about concepts such as critical regions and monitors...), we got .so libraries, and if you were an expert, you could set up segments of the data segment as shared. X.11 could be patched on top to give the illusion of event-driven system design - but worked only for the mouse and keyboard. Exception handling was kludged onto the C language, and so was OO. For threads we had several years with competing kludges. I never saw a speck of "design" work behind the *nix operating system, and very little in the activities closely related to it (such as the C language and communication protocols). For some protocols, the IETF simply had to make major cleanups, e.g. in the SMTP protocol and a number of others, and it is clear for everybody to see that all the old critisisms of "non-*nix-style" starndardization work becomes increasingly appliccable to *nix and TCP/IP protocols standardization.

Forogar

I really miss working on those old Vaxes (Vaxii?) VMS was the business!

- I would love to change the world, but they won’t give me the source code.

Mike Hankey

Forogar wrote:

I really miss working on those old Vaxes (Vaxii?) VMS was the business!

I really enjoyed working on them too! uVAX was an awesome machine!

I'm currently unsupervised, I know it freaks me out too! JaxCoder.com

Forogar

We had a pair of VAX 785s (I think - my memory of the last millenium occasionally fails me) and were running real-time flight telemetry and analysis on them. So cool and, since we very close to the runway, very noisy! Jet fighters on reheat make a LOT of noise on take-off.

- I would love to change the world, but they won’t give me the source code.

obermd

I'm not even sure your base premise is correct, since Windows was developed as a single user system and Linux a multi user system. As for your observation about Linux shutdown, running sudo is the correct thing to do. Linux was derived from a multi-user environment and allowing any random user to shutdown the OS is not a good thing to do. The reason the console GUI shutdown works without sudo is because there is an underlying assumption that if you're using the console GUI then you're running in single user mode. I suspect the remote X-Windows GUI will require sudo to operate, just like Windows "hiding" the shutdown option when using RDP to connect to a remote system.

dandy72

That's an interesting thought. Arguably, I've already provided my credentials when I logged in, but that's the case whether that was through the UI or purely a command line (like SSH). If I've logged in via the UI, then any command prompt window I subsequently open "should" inherently know who I am.

kalberts

The proper plural form is "vaxen". That was a commonly used terms in those days.

dandy72

I want to believe you, but I've used dozens of distributions, and I've *never* been prompted to enter my password to do a shutdown, except from a command prompt. I've never done nearly enough with Linux to have it save passwords beyond whatever default settings exist. When installing the OS, I generally add myself as an administrator (that's part of the standard install), and I hardly ever create additional accounts or try to strip down rights from my default account.

dandy72

Isn't that Raymond Cheng's (Chang?) blog? Is he still posting? I've watched a couple of his "one-minute answer" videos on Channel 9, but I honestly have never taken the time to read his blog.

dandy72

lopati: roaming wrote:

sudo is only for children and below* (* - people that really should just stay on windows)

What a mixed message. The Linux graybeards all tell you to *always* run as a limited user and you're a fool if you ever login as root. Or am I misinterpreting your answer here?

dandy72

I'll have to try. I tend to run my Linux VMs right from the Hyper-V console when RDPed into the Hyper-V host itself; in that context, VMs (Windows and Linux) tend to see that as local, not remote. I'll have to try with VNC or some equivalent. I hardly ever take the time to configure my Linux VMs to let me log in that way.

dandy72

Mark_Wallace wrote:

I mean, why on Earth would anyone ever want to shut down a computer?

Well, there's that. :-) I play a lot with different Linux distributions--way, way more than will work with my Linux VM host's 32GB of RAM. I have another host with 64GB, but that one's for my Windows VMs only.

dandy72

TheRaven wrote:

Windows on the other hand could still benefit from better directory structure and more "in-your-face" security

Gawd, more in-your-face than the constant UAC prompts? I thought those were already excessive... :-)

TheRaven wrote:

makes you wander if Intel isn't in anti-virus software investment portfolio somewhere in the shadows,

Did you forget they've purchased McAfee for a few billions a few years back...?

kalberts

Maybe there were good uVax implementations. But the first attempt to build a small Vax was the 730. From a performance point of view, it was a nightmare! Friends of mine were using it and reported that had timed the filling an 80 char input buffer with spaces to take 20 milliseconds. A process switch took 100 ms - 1/10 second(!). In their project, they had to change the software architecture from three to two processes (and redistribute the functions) in order to reduce the required number of process switches; that significantly increased the performance of their application. It took just a few weeks before someone got hold of a big yellow-green "Turtle Wax" sticker to put on the front panel of the machine. The 730 was an extremely microcoded machine, with a highly vertical architecture: While the 780 had a 96 bit microcode word, so that it could issue 96 signals per microcycle, the 730 had 24 bits, heavily multiplexed. So the meaning of one bit could depend a lot on other bits, and had to be decoded by a logic network before sent to the actual circuits. The hardware itself was also far simpler, so it took a lot more microcycles to perform one complete machine instruction. Even the 780 had some hardware limitations, the strictest one (for the performance) was that all page tables had to be resident in memory; it couldn't handle a page fault in the page fault interrupt handler. In 1970 or 80, our university had one 780 with a whooping 1 megabyte of RAM. Whenever the electronics guys ran their circuit layout program, which used immense amounts of virtual memory, they had to reboot the machine with a large page table configuration so that more than 600K was taken by the page tables and resident part of the OS, slightly more than 300 kbyte was available for paging of user programs and non-resident OS parts. You may call it "CPU abuse" to run a VAX 780 CPU on 1 megabyte of RAM, but if you weren't there at the time, you would never believe the cost of RAM in those days...

dandy72

Nathan Minier wrote:

if you install a graphical UI on a system that runs production-critical tasks, you're doing it wrong.

I take it most Linux distributions aren't intended to run production-critical tasks, then. I'll have to remember that argument.

Nathan Minier wrote:

If you don't want to UI to have those permissions....remove those permissions. It's not terribly hard, and it's generally not an oversight.

What you're saying is that most Linux distribution creators choose to ship in a "convenience over security" state.