Michael Skiba wrote:
Am Donnerstag, 23. August 2007 10:41 schrieb Joachim Schrod:
But, as you can read from the other answers to my post, these results are obvioulsy dreamed by me and my customers pay for nothing, because "every linux/unix/*ix box on the planet is not owned by hackers and spammers while so many possible exploits exist", as Ken Jennings put it so succinctly. No, no, no. "Every ... is not owned" -- guys, now I've got it: There are *NO* owned Linux boxes out there, none at all. You read it here, so it's true. I should close down the part of my company that's testing and securing linux/unix systems for my customers; it's not necessary.
Well, by public acclamation, I seem to be wrong, and rest my case.
It's true what he says, we've to face the fact, we're not invincible (yup, even if some of us like to to propagate). The fact that Linux/Unix structure is different to windows, doesn't make it unattackable, some things might be more difficult, right. But a desktop system is always vulnerable, user wants to have this comfort and pay the bill - same as in windows.
Something different might be on the side of the Server systems, where almost no user actions are taking part, it's rather difficult to exploit them(if maintained correctly).
Don't forget, there's two types of desktop. The home or small business user, where anything goes and the corporate desktop, where security is given significant consideration. Even "out of the box", Linux is vastly more secure than Windows. Now, get into the corporate world, where proper security measures are taken, there are other steps which further improve security. In addition to the previously mentioned items, one thing Linux supports is mounting separate partitions (may even be located on a server) on the file system, with appropriate mount options. This means that any directory containing executables can be mounted read only. Also, any partition containing user write-able directories can be mounted noexec, which means that even if an executable is installed, it will not run, no matter what the permissions say. There are many other methods in Unix & Linux, that combine to make them far more secure than Windows ever will be. For example, have you ever used a Windows app that requires admin privileges? If so, that means you've just opened up a security hole. In Linux, in the unlikely event that a user needs root permission, it's very easy to run only that one app and not affect anything else. Bottom line, there are far more barriers to security issues in Linux than in Windows. Please note, I'm not claiming it's perfect, just far more secure, even for a newbie user. -- Use OpenOffice.org <http://www.openoffice.org> -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org