[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Deploring *nix Philosophy ( Was Re : Splitting archives



On Mon, Jun 07, 2004 at 11:43:12PM -0400, J. Erik Hemdal wrote:
> Bear in mind, that the notion of one-at-a-time usage is foreign to
> Linux.  The tacit assumption is that multiple users are potentially
> using the system all the time.  Even if I am not logged on, I can use
> cron to launch jobs for me.  Since these jobs may want to control shared
> resources, a security mechanism is needed to maintain the integrity of
> the computer system.
> 
> As a result, non-root users are frequently prevented from controlling
> shared resources.

This is a very important point IMHO.  Linux and all other UNIX-like
operating systems are first and foremost both multiprocess and multi-
user operating systems.  The offerings out of of Redmond (such as XP)
are multiprocess but are not true multiuser capable (though NT and XP 
do both have some features in common with true multiuser OS).

On an XP box, it is reasonably "safe" to assume that the console luser may
have unfettered access to shared exclusive use devices such as modems and
removeable media - if someone's logged in on the console, it's assumed
that they're supposed to be there, and need not be restricted (at least
by default).  Not so with Linux, with it's extensive integrated remote
access capabilities.

That being said, recent generations of Linux-based systems do fairly well
in this regard, though there is room for improvement.  While it may be
reasonable for one user to expect unfettered access to devices in a
"workstation" installation, there are plenty of others who disagree, and
the comprimise has been made with the overall security of the system
in mind.  The system can be configured to accomodate the former group,
though it can certainly be argued that it ought to be easier to do so.

Linux in general (and RH / Fedora in particular) is not the way it is
because the architects desire to make it difficult for users.  The design
of any OS is a comprimise between function, ease-of-use, and security.
MS has in the past opted to lean towards ease-of-use, though they seem
to be re-evaluating that decision.  Most if not all Linux distributions
focus on security first, function and ease-of-use second.

Brant



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]