"Linux is better thought-out than Windows"
-
In order to save files in certain locations, you have to run a text editor with admin permissions. Still, the act of runnign them will/should request credentials.
".45 ACP - because shooting twice is just silly" - JSOP, 2010
-----
You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010
-----
When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013 -
Isn't that Raymond Cheng's (Chang?) blog? Is he still posting? I've watched a couple of his "one-minute answer" videos on Channel 9, but I honestly have never taken the time to read his blog.
dandy72 wrote:
Isn't that Raymond Cheng's (Chang?) blog? Is he still posting?
Yup. The Old New Thing[^]
Bastard Programmer from Hell :suss: If you can't read my code, try converting it here[^] "If you just follow the bacon Eddy, wherever it leads you, then you won't have to think about politics." -- Some Bell.
-
Indeed; that the case even on Windows: I've lost count of the number of times I've tried to save a change I made to the hosts file, but then forgot I had launched Notepad without explicitly doing so as an admin. No way around that without re-launching.
I fixed that by setting the compatibility properties on notepad.exe to "run as administrator". :)
".45 ACP - because shooting twice is just silly" - JSOP, 2010
-----
You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010
-----
When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013 -
obermd wrote:
running sudo is the correct thing to do. Linux was derived from a multi-user environment and allowing any random user to shutdown the OS is not a good thing to do
I agree entirely. I was just pointing out the inconsistency.
obermd wrote:
The reason the console GUI shutdown works without sudo is because there is an underlying assumption that if you're using the console GUI then you're running in single user mode
That's probably the best response I've seen yet this thread. I wouldn't suggest however this is a *great* assumption to make.
obermd wrote:
I suspect the remote X-Windows GUI will require sudo to operate,
Maybe it does, I haven't tried. I suspect you're right.
obermd wrote:
just like Windows "hiding" the shutdown option when using RDP to connect to a remote system.
It's inconsistent for sure (across the multiple versions of Windows, and workstation- vs server versions), and I know I've seen policies to display/remove the option. But now that you bring this up, when you *do* have the option, Windows *does* warn you if you're about to do a shutdown and it knows other users are currently logged in. Given that's the case, I have to wonder why a UI-initiated shutdown request wouldn't do the same on Linux. It could be based on the assumption you put forth, but then, doing the check and putting up a warning as Windows does seems like a no-brainer to me. All this to say...none of this is a "flaw" and I'm sure it's a deliberate design decision. And it'd be interesting to read the arguments that have been made on either side.
dandy72 wrote:
I was just pointing out the inconsistency.
I think it's more accurate to call it a "security comprimise", because it's specifically intended to work that way. I don't see it as inconsistent.
".45 ACP - because shooting twice is just silly" - JSOP, 2010
-----
You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010
-----
When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013 -
I fixed that by setting the compatibility properties on notepad.exe to "run as administrator". :)
".45 ACP - because shooting twice is just silly" - JSOP, 2010
-----
You can never have too much ammo - unless you're swimming, or on fire. - JSOP, 2010
-----
When you pry the gun from my cold dead hands, be careful - the barrel will be very hot. - JSOP, 2013 -
I don't know where you're coming from (especially when you're only known here as "member 7989122"), but I think a conversation between yourself and Linus Torvalds would be fascinating. I'm not being facetious.
If he pays a visit to Kargasniemi or Karesuvanto, I'll probably be passing both towns during my vacation this summer. But I guess that if he is back in his homeland then, he will probably stay much further south in the country. I have never visited the south of Finland - I would like to spend a vacation there, but I guess I'd prefer it to be a vacation. Not for discussing OS design (and lack thereof). I guess my need for fierce turf wars is fully satisified during my working day. If I should happen to meet one of the big gurus by accident, I would probably do as I use to when meeting people with strong opinions and egos: Act a lot less experienced than I am, but rather poke him with some far more thought out questions that they initially appear, to have him reveal more of his real thoughts and approaches to things, when he doesn't feel that he has to "defend" things, but rather "explain". You reveal a lot more when you explain. And the listener, me, can place "naive" questions at the right time to dig far deeper than what comes out of a turf war. Sidetracking: One of my friends, on his way to becoming a top rate DBMS expert in the 1980s, had the database guru Jim Gray as his idol. At VLDB conferences, he was chasing Grey, hoping to one day get so close that he could say that he had been touching Jim Gray's coat :-) Then, one day at a VLDB conference, he saw Jim Gray coming right at him, cheering: "Hi, I hear that you guys are from Norway, is that right? Getting drunk with Norwegains is always great fun! Would you like to come along for a drinking night?" ... My friend went along, and the two became friends for live: When my friend married, Gray crossed the Atlantic to be his best man. I don't know if they ever were discussing database systems. Most likely they did, but that is not what formed a close friendship.
-
TheRaven wrote:
Windows on the other hand could still benefit from better directory structure and more "in-your-face" security
Gawd, more in-your-face than the constant UAC prompts? I thought those were already excessive... :-)
TheRaven wrote:
makes you wander if Intel isn't in anti-virus software investment portfolio somewhere in the shadows,
Did you forget they've purchased McAfee for a few billions a few years back...?
Meant accessibility for policy management not specifically targeting UAC prompts with a focus on readability and more "user friendly" tools. As far as prompts --rather have those than ransom ware popping up on my Windows 7 boot screen (been there). And, no I did not know Intel purchased McAfee --says enough to me. Explains a great deal. McAfee the mad-man running wild in third world countries trying to escape a hit squad and now Intel rides in with Spectre, Meltdown and now a new laundry list of hidden goodies have been discovered plaguing all of IA land. Fantastic, and they own McAfee... Thanx for the heads up btw.
I was unaware of that...
-
Meant accessibility for policy management not specifically targeting UAC prompts with a focus on readability and more "user friendly" tools. As far as prompts --rather have those than ransom ware popping up on my Windows 7 boot screen (been there). And, no I did not know Intel purchased McAfee --says enough to me. Explains a great deal. McAfee the mad-man running wild in third world countries trying to escape a hit squad and now Intel rides in with Spectre, Meltdown and now a new laundry list of hidden goodies have been discovered plaguing all of IA land. Fantastic, and they own McAfee... Thanx for the heads up btw.
I was unaware of that...
-
...but if that's the case, some things are definitely falling through the cracks. On many distributions, if I try to shutdown the system at a command prompt (typically with "shutdown -P 0"), I'm told I have to run sudo and I'm prompted for a password. Great feature, you wouldn't want any dumbass you share your computer with to be able to bring it down without showing he's got at least *some* amount of authority. Yet that same user can select Shutdown from the UI, and it'll happily comply without prompting for anything else (or at most, a confirmation prompt). If this was some sort of oversight, it would've been addressed years ago, no?
Weird discussion in case of Win10. I use linux subsystem for linux within it. You can choose some linux distributions from windows store. I use, for example, firefox in linux on Win10 with success..
-
lopati: roaming wrote:
sudo is only for children and below* (* - people that really should just stay on windows)
What a mixed message. The Linux graybeards all tell you to *always* run as a limited user and you're a fool if you ever login as root. Or am I misinterpreting your answer here?
yeah I'm more old fashioned, just start a [x]term, su, do the job, ^D out. (how many times are there a few instructions to get done? less work for my old fingers doing sudo ..., sudo ..., sudo ...) but also occasionally I'm on non-linux machine - sudo doesn't always exist and probably most likely "muscle memory" effect - more used to that way [without thinking too much].
-
Weird discussion in case of Win10. I use linux subsystem for linux within it. You can choose some linux distributions from windows store. I use, for example, firefox in linux on Win10 with success..
I'm glad you acknowledged that, I was about to, when to my surprise the last comment finally did. I was also going to point out that there was an awful lot of discussion about other OSes when clearly the OP just wanted to complain about Windows. But then again, there's plenty of discussion here when someone just asks a question that can be answered "yes" or "no."
-
Nathan Minier wrote:
if you install a graphical UI on a system that runs production-critical tasks, you're doing it wrong.
I take it most Linux distributions aren't intended to run production-critical tasks, then. I'll have to remember that argument.
Nathan Minier wrote:
If you don't want to UI to have those permissions....remove those permissions. It's not terribly hard, and it's generally not an oversight.
What you're saying is that most Linux distribution creators choose to ship in a "convenience over security" state.
dandy72 wrote:
I take it most Linux distributions aren't intended to run production-critical tasks, then. I'll have to remember that argument.
Wow. No, I said if you're using a UI for production critical tasks you're doing it wrong.
dandy72 wrote:
What you're saying is that most Linux distribution creators choose to ship in a "convenience over security" state.
Yes, just like Windows does.
"Never attribute to malice that which can be explained by stupidity." - Hanlon's Razor
-
dandy72 wrote:
I take it most Linux distributions aren't intended to run production-critical tasks, then. I'll have to remember that argument.
Wow. No, I said if you're using a UI for production critical tasks you're doing it wrong.
dandy72 wrote:
What you're saying is that most Linux distribution creators choose to ship in a "convenience over security" state.
Yes, just like Windows does.
"Never attribute to malice that which can be explained by stupidity." - Hanlon's Razor
Nathan Minier wrote:
Wow. No, I said if you're using a UI for production critical tasks you're doing it wrong.
...and thus, since most Linux distributions include a UI that gets installed by default, my comment stands...no? I feel like we're splitting hairs here...
-
Nathan Minier wrote:
Wow. No, I said if you're using a UI for production critical tasks you're doing it wrong.
...and thus, since most Linux distributions include a UI that gets installed by default, my comment stands...no? I feel like we're splitting hairs here...
I'm sorry, I sometimes forget that not everyone's "production environment" consists of servers and infrastructure. No, in fact. I haven't used a Linux distro that installs a UI by default in many, many years. In general I'm using RHEL, CentOS, and - for my project boxes - Arch. One of my basic criteria for selecting a distro is that it does not run a Display Manager (GUI), as that is a considerable increase in terms of system footprint that needs to be secured. This is a fairly standard mindset from a server SysAdmin point of view; security and compliance are hard enough without throwing unnecessary bells and whistles into the mix.
"Never attribute to malice that which can be explained by stupidity." - Hanlon's Razor
-
I'm sorry, I sometimes forget that not everyone's "production environment" consists of servers and infrastructure. No, in fact. I haven't used a Linux distro that installs a UI by default in many, many years. In general I'm using RHEL, CentOS, and - for my project boxes - Arch. One of my basic criteria for selecting a distro is that it does not run a Display Manager (GUI), as that is a considerable increase in terms of system footprint that needs to be secured. This is a fairly standard mindset from a server SysAdmin point of view; security and compliance are hard enough without throwing unnecessary bells and whistles into the mix.
"Never attribute to malice that which can be explained by stupidity." - Hanlon's Razor
Well, we're certainly not disagreeing. I just felt you were making a very broad, blanket statement. Amongst those you've mentioned, I've tinkered with RHEL and CentOS, but always with a GUI. I'm not so hardcore yet as to live off of the terminal window by itself. :-)
-
Well, as far as I remember, John McAfee only went nuts after Intel bought his company. And at that time, he already didn't have much to do with it anyway, despite bearing his name.
I can't remember the producer or the channel I saw the documentary/interview about McAfee (the man), but there were live Q&A sessions with him; I want to say it was a National Geographic documentary produced by one of their branches that research topics outside of geography & wild life. Regardless, was an eye opener --wish I could offer more help on the matter, but feel a search could reveal the video and feel it's a good hour or so spent. The vid is after the acquisition of McAfee, and McAfee (the man) is definitely convinced that someone or a group is out for his blood, but never definitively says why or whom skirting questions regarding the topics. Seriously, who benefits more from the continued existence of malware then those out to put an end to it (might be the reason McAfee is paranoid); amazing that every machine I say that had McAfee AV then decided to drop it was immediately infected with a critical virus within 2 weeks tops. AV could have been the first form of ransom ware for all we know. Something to think about. Anyway, was good chatting with ya!
I was unaware of that...
-
Well, as far as I remember, John McAfee only went nuts after Intel bought his company. And at that time, he already didn't have much to do with it anyway, despite bearing his name.
I can't remember the producer or the channel I saw the documentary/interview about McAfee (the man), but there were live Q&A sessions with him; I want to say it was a National Geographic documentary produced by one of their branches that research topics outside of geography & wild life. Regardless, was an eye opener --wish I could offer more help on the matter, but feel a search could reveal the video and feel it's a good hour or so spent. The vid is after the acquisition of McAfee, and McAfee (the man) is definitely convinced that someone or a group is out for his blood, but never definitively says why or whom skirting questions regarding the topics. Seriously, who benefits more from the continued existence of malware then those out to put an end to it (might be the reason McAfee is paranoid); amazing that every machine I say that had McAfee AV then decided to drop it was immediately infected with a critical virus within 2 weeks tops. AV could have been the first form of ransom ware for all we know. Something to think about. Anyway, was good chatting with ya!
I was unaware of that...
-
I can't remember the producer or the channel I saw the documentary/interview about McAfee (the man), but there were live Q&A sessions with him; I want to say it was a National Geographic documentary produced by one of their branches that research topics outside of geography & wild life. Regardless, was an eye opener --wish I could offer more help on the matter, but feel a search could reveal the video and feel it's a good hour or so spent. The vid is after the acquisition of McAfee, and McAfee (the man) is definitely convinced that someone or a group is out for his blood, but never definitively says why or whom skirting questions regarding the topics. Seriously, who benefits more from the continued existence of malware then those out to put an end to it (might be the reason McAfee is paranoid); amazing that every machine I say that had McAfee AV then decided to drop it was immediately infected with a critical virus within 2 weeks tops. AV could have been the first form of ransom ware for all we know. Something to think about. Anyway, was good chatting with ya!
I was unaware of that...
[Feel free not to continue with this thread] I remember reading about McAfee's coke-fueled rants. Haven't heard of him in a few years; I hope he got the help he needed. Personally I've never bought into the "AV makers are creating viruses" idea. Microsoft has one built-in, and they don't charge money for it, and you can't purchase any sort of "pro" version, so what would be in it for them? That's not to say I don't think of some of the other AV companies as any less than scumbags. Clearly, some of them benefit from the fear mongering in which they participate.
-
...but if that's the case, some things are definitely falling through the cracks. On many distributions, if I try to shutdown the system at a command prompt (typically with "shutdown -P 0"), I'm told I have to run sudo and I'm prompted for a password. Great feature, you wouldn't want any dumbass you share your computer with to be able to bring it down without showing he's got at least *some* amount of authority. Yet that same user can select Shutdown from the UI, and it'll happily comply without prompting for anything else (or at most, a confirmation prompt). If this was some sort of oversight, it would've been addressed years ago, no?
I'm not prejudiced -- they both suck! Over the past few weeks I have been trying to sort out a Linux X-Windows problem. Too many versions, too many updates, too little adequate documentation, too many kids putting out messages on forums, too little design thoughtfulness, too many cryptic names ... I could go on for days. Prior to that, I was trying to sort out a Window's UEFI dual boot problem. Same for Windows...and add too many internal functions that I don't need...or want, too many hidden telemetry functions that I don't trust, too many legacy functions that really should have been updated, too much being forced to do things MS's way....and on, and on, and on. I want a clean, simple, understandable, capable, stable system that, in Apple's words, "just works". (I am not a fan of Apple either, but that's another story.) I find too much of my time is spent nowadays sorting out interaction problems and managing updates. And I'm not getting done what I want to get done. Not, back to figuring out why my abacus gave me a different answer than my slide rule.
-
I'm not prejudiced -- they both suck! Over the past few weeks I have been trying to sort out a Linux X-Windows problem. Too many versions, too many updates, too little adequate documentation, too many kids putting out messages on forums, too little design thoughtfulness, too many cryptic names ... I could go on for days. Prior to that, I was trying to sort out a Window's UEFI dual boot problem. Same for Windows...and add too many internal functions that I don't need...or want, too many hidden telemetry functions that I don't trust, too many legacy functions that really should have been updated, too much being forced to do things MS's way....and on, and on, and on. I want a clean, simple, understandable, capable, stable system that, in Apple's words, "just works". (I am not a fan of Apple either, but that's another story.) I find too much of my time is spent nowadays sorting out interaction problems and managing updates. And I'm not getting done what I want to get done. Not, back to figuring out why my abacus gave me a different answer than my slide rule.
I understand exactly what you're saying. The problem is, we need someone to hit the Reset button and start with a whole new OS. The problem with that is that it'd be expected to be compatible with everything else that already exists, else it's a non-starter. There's just so much baggage to worry about, such a project IMO would never get off the ground. So what do we do?