Re: Any GIMP users (Linux)



Derek Fountain wrote:

No, the linux security model is simply much better than the Windows
one.

Well, it's better than the Windows 95/98/SE/ME model. It's no better than
the NT model.

Yes it is. Way, way better. You need to understand the details.
Microsoft didn't even get the basics right, like adding salt to password
hashes to thwart rainbow table attacks,

What leads you to believe that this technique "thwarts rainbow table
attacks"? Just need to make more passes.

or including a firewall that
defaults on.

Uh, that has nothing whatsoever to do with the security model.

If you think that the default settings for an application program have some
relation to the security model and not to the security policies of the
organization hosting the system then you have no clue what constitutes a
"security model".

Word is that the firewall in Vista, when it arrives, will
default to allowing all outbound traffic - that's laughable, especially
if you're a worm writer.

Which again has zip all to do with the security model.

Windows NT/XP will support that just fine. The problem is that most 'Doze
users run in an administrator mode so they don't have to re-login to
install software.

Or install printer drivers. Or change the system time. Or add security
patches. Or do just about any other admin task.

All of which one must be running root on a Linux box to do as well. But in
point of fact Windows allows one to install printer drivers without admin
access, ditto for changing system time, although why one would want to do
that instead of simply accessing an NTP server is beyond me.

Also, since there's only one user on my system, it's just as big a
deal to trash all the user files as it is to trash the system files.

There's only one (non admin) user on this Linux box, and nothing I do as
that user will infect my system files with worms or other malware.
Trashing system files is a huge deal - if I, or something unpleasant,
deletes all my user files I can restore them from backup in a few
minutes. Trash all the system files and you're looking at hours of work
reinstalling the OS and the applications.

Pity that Linux is so fragile. Personally it takes me under an
hour--install a rump XP, run restore, and then reboot. Only difference in
time required to restore the OS vs the user files is the additional half
hour or so to install the rump OS to run the restore program.

I could cut that down by preparing a boot CD with the backup program in
place, but I've needed it so seldom that I've never had an incentive to do
it.

A system that doesn't, in all practicality, *enforce* an isolation
between user and administrator is broken by design. Vista should finally
include this, but reports are they are having trouble retro-fitting it
to a product that has never had it.

It is not necessary to retrofit something that has been present through at
least three generations of the OS. The fact that you think that this is
something that is going to be new in Vista says that you really are
clueless with regard to the functioning of Windows security.

Sheesh, buffer
overrun attacks still work in some corners of the Unix context. What a
joke.

Buffer overruns affect Unix, Linux, Windows, Mac, and every other stack
based architecture. Pointing this particular finger only at Unix is
disingenuous.

--
--John
to email, dial "usenet" and validate
(was jclarke at eye bee em dot net)
.