Overclock.net › Forums › Software, Programming and Coding › Operating Systems › Linux, Unix › Is Ubuntu safer than Windows against hacking/viruses?
New Posts  All Forums:Forum Nav:

Is Ubuntu safer than Windows against hacking/viruses? - Page 2

post #11 of 24
Quote:
Originally Posted by mushroomboy View Post

less user base = less viri written due to less targets so it equals to a smaller "impact". if you know what I just said then you understand the demographics of computer viruses. With that said and done, yes it's safer but only for 2 reasons. 1) less people use it... 2) we don't have ACLs as default so it's either you can mod the system or you can't. The best advice is to set up a separate "admin" (root) with an advanced password and use sudo (with a decent/advanced pass) to install/modify anything. That way a standard user process can't go rouge and make system changes.

Technically the plural for virus is viruses.

Also Linux does have native / included ACLs of sorts - it just functions very differently to Windows. So that's really got nothing to do with the security of Linux. What has a bigger play is the points I raised above.
post #12 of 24
Quote:
Originally Posted by Plan9 View Post

Technically the plural for virus is viruses.
Also Linux does have native / included ACLs of sorts - it just functions very differently to Windows. So that's really got nothing to do with the security of Linux. What has a bigger play is the points I raised above.

Yeah I know, it's called a typo, if you look I do use the word.

Depends on the linux distribution. Debian doesn't come with any form of ACLs, neither does Ubuntu, Slackware, or Gentoo. i know some of the business oriented ones do, but generally linux doesn't ship with ACLs in mind.
Current Rig
(14 items)
 
  
CPUMotherboardGraphicsRAM
FX-8350 4.6GHz@1.44v GA-990FXA-UD3 R4.0 HD 7950 (1100/1450) 8G Muskin DDR3 1866@8CLS 
Hard DriveOptical DriveOSMonitor
1TB WD LiteOn DVD-RW DL Linux/Windows 19" Phillips TV 1080p 
PowerCaseMouseMouse Pad
OCZ 600W Generic Junk Logitech MX400 Generic Junk 
Audio
SBL 5.1 
  hide details  
Reply
Current Rig
(14 items)
 
  
CPUMotherboardGraphicsRAM
FX-8350 4.6GHz@1.44v GA-990FXA-UD3 R4.0 HD 7950 (1100/1450) 8G Muskin DDR3 1866@8CLS 
Hard DriveOptical DriveOSMonitor
1TB WD LiteOn DVD-RW DL Linux/Windows 19" Phillips TV 1080p 
PowerCaseMouseMouse Pad
OCZ 600W Generic Junk Logitech MX400 Generic Junk 
Audio
SBL 5.1 
  hide details  
Reply
post #13 of 24
Quote:
Originally Posted by mushroomboy View Post

Yeah I know, it's called a typo, if you look I do use the word.
So you did. My apologies smile.gif
Quote:
Originally Posted by mushroomboy View Post

Depends on the linux distribution. Debian doesn't come with any form of ACLs, neither does Ubuntu, Slackware, or Gentoo. i know some of the business oriented ones do, but generally linux doesn't ship with ACLs in mind.
Actually all Linux distros ship it. Even just user groups are a basic form of ACLs as you can assign more than one group per user and then set individual permissions per group thus affecting all users with that group attached (in fact, this is the best method of managing shell logins: sticking AllowedGoups ssh_users in your sshd_config file and then attaching the users you want to give SSH access to ssh_users group).

There's also advanced permissions that can be set with commands, such as setfacl (which Ubuntu does support - as proven by this man page:
http://manpages.ubuntu.com/manpages/gutsy/man1/setfacl.1.html )

What desktop distros don't ship is networked ACLs. But then Windows Home OSs don't ship with Active Directory either. However install SLES or Windows Server and you'd expect to see LDAP / AD available.
post #14 of 24
Quote:
Originally Posted by Plan9 View Post

So you did. My apologies smile.gif
Actually all Linux distros ship it. Even just user groups are a basic form of ACLs as you can assign more than one group per user and then set individual permissions per group thus affecting all users with that group attached (in fact, this is the best method of managing shell logins: sticking AllowedGoups ssh_users in your sshd_config file and then attaching the users you want to give SSH access to ssh_users group).
There's also advanced permissions that can be set with commands, such as setfacl (which Ubuntu does support - as proven by this man page:
http://manpages.ubuntu.com/manpages/gutsy/man1/setfacl.1.html )
What desktop distros don't ship is networked ACLs. But then Windows Home OSs don't ship with Active Directory either. However install SLES or Windows Server and you'd expect to see LDAP / AD available.

Traditionally groups aren't talked about as an ACL, You would be better off saying the simple user/owner/group is a minimal ACL. Groups and users are close but not an ACL. That's a separate file on the system controlling access and permissions. ACLs are to be set per file, as each file now has it's own set of user permissions.
Current Rig
(14 items)
 
  
CPUMotherboardGraphicsRAM
FX-8350 4.6GHz@1.44v GA-990FXA-UD3 R4.0 HD 7950 (1100/1450) 8G Muskin DDR3 1866@8CLS 
Hard DriveOptical DriveOSMonitor
1TB WD LiteOn DVD-RW DL Linux/Windows 19" Phillips TV 1080p 
PowerCaseMouseMouse Pad
OCZ 600W Generic Junk Logitech MX400 Generic Junk 
Audio
SBL 5.1 
  hide details  
Reply
Current Rig
(14 items)
 
  
CPUMotherboardGraphicsRAM
FX-8350 4.6GHz@1.44v GA-990FXA-UD3 R4.0 HD 7950 (1100/1450) 8G Muskin DDR3 1866@8CLS 
Hard DriveOptical DriveOSMonitor
1TB WD LiteOn DVD-RW DL Linux/Windows 19" Phillips TV 1080p 
PowerCaseMouseMouse Pad
OCZ 600W Generic Junk Logitech MX400 Generic Junk 
Audio
SBL 5.1 
  hide details  
Reply
post #15 of 24
Quote:
Originally Posted by mushroomboy View Post

Traditionally groups aren't talked about as an ACL, You would be better off saying the simple user/owner/group is a minimal ACL.
That's exactly what I did say! Go back and re-read my post rolleyes.gif
Quote:
Originally Posted by mushroomboy View Post

Groups and users are close but not an ACL. That's a separate file on the system controlling access and permissions. ACLs are to be set per file, as each file now has it's own set of user permissions.

I know what ACLs are, my point was that the groups can actually work similarly to ACLs on Windows (and I even referenced an example why). given that the users and groups permissions can be configured per file and subsystem as well as controlled centrally, it does fill many ACL needs. However (and another part of my post you completely ignored), Linux does ship more fine-grained control - and I had even included a man page which you also conveniently ignored.

I will say that ACLs on Linux are not as simple to just pick up and use as they are on Windows. But then no server administration on Linux is. However that doesn't mean that the controls are not there.
post #16 of 24
Quote:
Originally Posted by Plan9 View Post

That's exactly what I did say! Go back and re-read my post rolleyes.gif
I know what ACLs are, my point was that the groups can actually work similarly to ACLs on Windows (and I even referenced an example why). given that the users and groups permissions can be configured per file and subsystem as well as controlled centrally, it does fill many ACL needs. However (and another part of my post you completely ignored), Linux does ship more fine-grained control - and I had even included a man page which you also conveniently ignored.
I will say that ACLs on Linux are not as simple to just pick up and use as they are on Windows. But then no server administration on Linux is. However that doesn't mean that the controls are not there.

You can't say "my point was that the groups can actually work similarly to ACLs on Windows" after "Even just user groups are a basic form of ACLs as you can assign more than one group per user and then set individual permissions per group thus affecting all users with that group attached". To say something is a basic form kind of gets you off the hook but not really. You originally state groups as a basic form of ACL, you never implied that it was to mean they "work similarly". I know what you said.
Current Rig
(14 items)
 
  
CPUMotherboardGraphicsRAM
FX-8350 4.6GHz@1.44v GA-990FXA-UD3 R4.0 HD 7950 (1100/1450) 8G Muskin DDR3 1866@8CLS 
Hard DriveOptical DriveOSMonitor
1TB WD LiteOn DVD-RW DL Linux/Windows 19" Phillips TV 1080p 
PowerCaseMouseMouse Pad
OCZ 600W Generic Junk Logitech MX400 Generic Junk 
Audio
SBL 5.1 
  hide details  
Reply
Current Rig
(14 items)
 
  
CPUMotherboardGraphicsRAM
FX-8350 4.6GHz@1.44v GA-990FXA-UD3 R4.0 HD 7950 (1100/1450) 8G Muskin DDR3 1866@8CLS 
Hard DriveOptical DriveOSMonitor
1TB WD LiteOn DVD-RW DL Linux/Windows 19" Phillips TV 1080p 
PowerCaseMouseMouse Pad
OCZ 600W Generic Junk Logitech MX400 Generic Junk 
Audio
SBL 5.1 
  hide details  
Reply
post #17 of 24
Quote:
Originally Posted by mushroomboy View Post

You can't say "my point was that the groups can actually work similarly to ACLs on Windows" after "Even just user groups are a basic form of ACLs as you can assign more than one group per user and then set individual permissions per group thus affecting all users with that group attached".
Why not? I know english isn't my strong point, but those two sentences essentially state the same thing.
You've also conveniently ignored (yet again) where I elaborated to demonstrate other more fine grained control (which again is hooked into the user / group system). Which, to be honest, I'm getting sick of you doing. If you have a problem with the methodology, then by all means impart your wisdom. But all you're doing is ignoring examples of real world applications and actual man pages in favour of sticking your fingers in your ear and yelling "la la la I'm not listening"
Quote:
Originally Posted by mushroomboy View Post

To say something is a basic form kind of gets you off the hook but not really.
It's no different to the term you used, and I quote: "simple user/owner/group is a minimal ACL". How is "minimal" any better (or different) to "basic"? You're whole argument now is simply moronic and completely irrelevant to the topic of ACLs.
Quote:
Originally Posted by mushroomboy View Post

You originally state groups as a basic form of ACL, you never implied that it was to mean they "work similarly". I know what you said.
Clearly you don't because you've ignored huge chunks of my post and taken the remainder out of context. I'm starting to think that perhaps you just want to believe that Linux can't ACL through pride of being proven wrong. I'm also now regretting ever responding to you as clearly nitpicking sentence structure is more important than actual facts. rolleyes.gif
Edited by Plan9 - 3/14/12 at 3:48am
post #18 of 24
Quote:
Originally Posted by Plan9 View Post

Why not? I know english isn't my strong point, but those two sentences essentially state the same thing.
You've also conveniently ignored (yet again) where I elaborated to demonstrate other more fine grained control (which again is hooked into the user / group system). Which, to be honest, I'm getting sick of you doing. If you have a problem with the methodology, then by all means impart your wisdom. But all you're doing is ignoring examples of real world applications and actual man pages in favour of sticking your fingers in your ear and yelling "la la la I'm not listening"
It's no different to the term you used, and I quote: "simple user/owner/group is a minimal ACL". How is "minimal" any better (or different) to "basic"? You're whole argument now is simply moronic and completely irrelevant to the topic of ACLs.
Clearly you don't because you've ignored huge chunks of my post and taken the remainder out of context. I'm starting to think that perhaps you just want to believe that Linux can't ACL through pride of being proven wrong. I'm also now regretting ever responding to you as clearly nitpicking sentence structure is more important than actual facts. rolleyes.gif

Because I was referring to the file attributes. Owner/User/group are file attributes that allow Read/Write/Execute depending on the numerical value you assign. That's an ACL but groups alone are not an ACL as they aren't really controlled by the file system.

[edit] I know I'll need to clarify, don't know why I posted. ACLs refer to objects, objects mean files. A group isn't an object, it's a definition and would work more similar to a registry as opposed to an ACL. Even so, it's really just a simple list. The file that stores that list is an object and can be attributed by an ACL, however the "groups" that the file holds are in no way related to an ACL.

I also don't generally talk about the standard owner/user/group as an ACL because you can do that without an ACL. In fact most people don't talk about the standard chmod attributes as ACLs. I was actually unaware that the they now ship with full ACL tools, I still think most systems don't actively use them unless you enable it. That is a new thing to me, probably the last couple years.
Edited by mushroomboy - 3/14/12 at 4:24am
Current Rig
(14 items)
 
  
CPUMotherboardGraphicsRAM
FX-8350 4.6GHz@1.44v GA-990FXA-UD3 R4.0 HD 7950 (1100/1450) 8G Muskin DDR3 1866@8CLS 
Hard DriveOptical DriveOSMonitor
1TB WD LiteOn DVD-RW DL Linux/Windows 19" Phillips TV 1080p 
PowerCaseMouseMouse Pad
OCZ 600W Generic Junk Logitech MX400 Generic Junk 
Audio
SBL 5.1 
  hide details  
Reply
Current Rig
(14 items)
 
  
CPUMotherboardGraphicsRAM
FX-8350 4.6GHz@1.44v GA-990FXA-UD3 R4.0 HD 7950 (1100/1450) 8G Muskin DDR3 1866@8CLS 
Hard DriveOptical DriveOSMonitor
1TB WD LiteOn DVD-RW DL Linux/Windows 19" Phillips TV 1080p 
PowerCaseMouseMouse Pad
OCZ 600W Generic Junk Logitech MX400 Generic Junk 
Audio
SBL 5.1 
  hide details  
Reply
post #19 of 24
I think you should also add that *NIX users who have modded their kernal can either close or open security holes, because they, well, changed the kernal
The Lie v2
(18 items)
 
  
CPUMotherboardGraphicsRAM
i5 4690k ASRock z97 Extreme 4 EVGA GTX 1070 Crucial 
Hard DriveHard DriveHard DriveCooling
Crucial MX300 WD Caviar Blue 500 Gb Crucial MX300 Corsair H100i 
OSOSMonitorKeyboard
Manjaro Win10 lg29um58 Ducky One TKL RGB 
PowerCaseMouseMouse Pad
OCZ Modxtreme 600w INWin 303 Logitech G602 Rubber 
AudioOther
HD598 Lots of fans 
  hide details  
Reply
The Lie v2
(18 items)
 
  
CPUMotherboardGraphicsRAM
i5 4690k ASRock z97 Extreme 4 EVGA GTX 1070 Crucial 
Hard DriveHard DriveHard DriveCooling
Crucial MX300 WD Caviar Blue 500 Gb Crucial MX300 Corsair H100i 
OSOSMonitorKeyboard
Manjaro Win10 lg29um58 Ducky One TKL RGB 
PowerCaseMouseMouse Pad
OCZ Modxtreme 600w INWin 303 Logitech G602 Rubber 
AudioOther
HD598 Lots of fans 
  hide details  
Reply
post #20 of 24
*double post*
Edited by Plan9 - 3/14/12 at 4:33am
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Linux, Unix
Overclock.net › Forums › Software, Programming and Coding › Operating Systems › Linux, Unix › Is Ubuntu safer than Windows against hacking/viruses?