I need to break this up as my typing speed isn't what it used to be. Andre Truter wrote:
On 3/30/06, Linda Walsh wrote:
Clearly no one here understands the nature of 99% of Windows virii and how they could easily run on Linux if Linux had a full port of Explorer, ActiveX and the desktop libraries.
But Linux doesn't have those flaws, while Windows does.
Which flaws are you referring to? I said Linux isn't affected by most Windows-based virii because Linux doesn't provide the "ease-of-use" & "automation" libraries that most malware targets in the Windows environment. I don't believe I referred to flaws. It sounds like you are equating "libraries" with "flaws". Is this what you meant? I might point out that _Linux_ doesn't provide _any_ application libraries. Third parties provide applications and libraries which are distributed by specific distributions. When you refer to Linux, are you referring to all distributions that use the Linux OS as their base? Windows isn't an OS; it's a windowing, application environment. It started as a $100, separately packaged "add-on". Up until recently it ran on MS-DOS -- a single-user OS designed for *non-networked* use. Windows was ported to run on "NT", which MS introduced as their "business" solution. Windows is equivalent in Linux to "KDE" or "Gnome" and every other standard application library provided on top of a Linux kernel.
You will have to tie the ActiveX into the kernel's security level (like Windows has), so you will be actively MAKING an insecure Linux.
Are you referring to the multiple special hooks for graphics acceleration in the Linux Kernel, like the specialized XFree graphics subsystem drivers? No, because putting hooks in the kernel to allow graphics acceleration would just be "stupid", right? How about the automation that already exists in KDE (and probably gnome) that allows one to click on a file and have a file-specific handler (or interpreter) run. It doesn't have to be built into the kernel to be insecure. Just run all the processes as root. How many times has Linux been hacked because a daemon was compromised and running as "root"? It's common now for some of these to drop root privileges and/or run in a restraining "chroot" jail (e.g. bind/named), but many haven't been converted, and there seem to be new ones being written all the time that forget the lessons of yesterday.
(Hmmm... Maybe if you get MicroSoft's marketing department to sell it, you will be able to sell it to people) But then it is definitely not Gnu/Linux anymore and the Gnu/Linux community will never accept or allow such a beast.
There is no "accept" / "allow". It's whatever will sell to the masses. Each new version of SuSE (I only mention SuSE because I'm not that familiar with other distros, having run SuSE since SuSE 7.x) has more daemons running that I've never heard of. With the interwoven dependencies I have mentioned elsewhere in email, tons of unnecessary software and daemons are installed in the default system -- if you follow the install rules -- like you said in Windows: you can't install a system without them.
Where do you think Windows (as a separate application on top of WinNT) got its "ActiveX" technology from? Before that it was called DCOM, and before that "COM" and before that...I think "CORBA"?, but Windows' "COM" technology came from Unix (Sun).
Correction on this - COM came from DDE and OLE, which didn't include networking initially. CORBA 2.0 was designed for compatibility with OLE & COM. CORBA had DCOM compatibility by version 2.3.
CORBA is a stand-alone bus that allows clients to talk to each other. The clients interface with the CORBA bus via an API, but do not share memory space with the bus itself.
??? By share the same memory space, do you mean run on the same computer? Not since Win98/WinME have Windows processes run in a shared memory space.
With COM and ActiveX the API gives your app access to the memory space of the ActiveX component, which again uses a shared system bus.
On a hardware level, perhaps, but in software, no worse than Linux, where any root-level process can read (and write) all of memory through /proc/kcore.
With the message busses used on *nix systems you cannot do that, because there are different busses and you can only access what the bus allows you to see.
You are not making any sense. All root level processes on a "normal" version of Linux (not SELINUX) have access to each other and can screw with other processes' memory space given enough work. In NT, processes under different user-ids and non-root processes don't have any more ability to write over other users' processes than on Linux.
Very much. Due to the common message bus that Windows uses, the java application potentially has access to any other application, while on a *nix system, the java engine is run as a normal user and there is no common message bus. In fact, java normally does not have access even to the KDE or GNOME message busses.
If a java app gets compromised, it will only affect the user.
You apparently don't know about the versions of Linux that have shipped as "single user systems", where the one user is "root". You can configure Linux to have just as many security problems as Windows.
What started this conversation no one has addressed: the primitive [absent] interactive GUI "Firewall" technology available on Windows.
I think you are still not getting the point.
The point is in the subject of the message. Show me the Linux answer to "common" Windows functionality -- interactive firewall and security control.
You perceive Linux as being primitive
--- Incorrect. Read the subject. I perceive the SuSE Firewall product as being primitive compared to user-interactive products on Windows that provide the same level of security but have the additional ease of real-time user interaction.
because it does not feature a useless application that can only give you a false sense of security.
This is what I mean -- you can't admit Linux is lacking in an interactive bi-directional firewall & HTML filtering product.
You are still measuring Linux security according to Windows security features and issues.
It's not a measure of security -- it's a measure of usability -- of whether or not you can answer the original poster's question. They wanted an interactive firewall control -- not a non-interactive one that makes all decisions for him up front and silently records results to a log file.
The point is that you should first look at where the real threats are on a Linux system and then think from that angle.
On Linux you should NOT focus on a tool that can tell you that you HAVE ALREADY been compromised.
Having a tool *block* non-permitted applications by default doesn't tell me I've been compromised. You see, many tool writers write their tools to "call home" after you have installed them. This allows them to track who has installed their tool and, at the least, gauge numbers. Firefox is such a tool. When you first install it, it tries to call home. Do I want it to? No. You are making the claim that because Firefox initiates web-access to a Firefox-custom site when it starts up, that I am already compromised. I disagree. It's not just Firefox, but most programs' "help" features seem to attempt network communication (whether I only want to search my local machine or not). Another example -- Thunderbird. Would I expect an "email" client to attempt a download from port 80 when I first start it? That's what it does. It tries to download a special "start page" when you start it for the first time, unless you disable its default start page. Do I want to signal to "mozilla.org" every time I read email? On Windows, I have a chance to interactively monitor each new program's behavior and decide to permit or deny activity. On Linux, I don't have that option.
OK, so help me understand the usefulness of this.. I start up a browser with the intent of accessing web pages on a web server, that is normally via port 80.
Please, don't insult my intelligence. You can't figure out any usage of Firefox beyond accessing external web sites on port 80? Firefox can be used to browse a local internet and it can be used to browse external sites not on port 80, or be configured to go through a proxy. On my system, a program trying to go out on port 80 is the first evidence that a program is trying to do something _behind my back_. I know at the very least, it is misconfigured or it is trying to do some action I didn't specifically authorize. On your Linux system, you have no clue -- from what you tell me, you have port 80 open by default, so any application can contact external websites on port 80 and download code or "register" your presence. That's insecure.
Well, I kind of expect it to access port 80 that is why I started it up. Why would I want an application to tell me this?
Because it is not something specifically permitted. You seem to believe that any application going out port 80 should be unquestioned and allowed. My security policy on my Windows machine says no traffic goes out of port 80. Any software that is following my security policy will not go out port 80. Any software that tries to go out port 80 will cause me to be immediately notified -- interactively with what application is attempting the *unauthorized* access and what website it is trying to contact.
Or do you start up Firefox and use it as a local file browser. FireFox should NOT access port 80, that would be wrong....
=== It does and you are obviously unaware of this because you haven't been monitoring your port-80 traffic.
That is because that functionality is moot on Linux. You don't need it as the security issues are different.
No they aren't. I have similar security policies for my Windows as for my Linux machines. There are variations based on my usage, but I am aware of the risks.
The behavior I see on Linux is "silent failure" -- a log file entry is generated, and it doesn't tell me what application made the request.
No, not silent failure, but silent protection.
You are jumping around. We are talking about otherwise legitimate applications that make unpredictable network accesses -- like Firefox, when you first start it to browse files. You wouldn't expect it to access the internet, but that's what it does -- so does Thunderbird. Um...we just talked about allowing FireFox to go out of port 80. If I run an MP3 player, if it tries to download music from "website:5004", you can bet that on Windows, I'd get an immediate warning that "MP3AMP" is trying to access "music.site" on port 5004. Should it be permitted? I can look at the URL and see it's on a non-standard web-traffic port (though it may be standard for MP3 broadcasts, it's not for generic web content). I can choose to allow it or not. On Linux I had the same problem -- but there, my firewall silently blocks attempts to go out on port 5004 -- why? Because when I set up the firewall, I didn't "predict" every possible port that music might be playing from. Not playing is a "failure" -- it is not "silent protection". From any user's perspective, if it doesn't work, it's broken. On Linux, I had no idea why it wasn't working the first time it happened. Only days later did I see a few lines out of 1000's of log lines showing me that there had been unauthorized attempts to contact "music.site:5004" that had been _silently_ blocked. Later, I could log into my firewall console and add rules to permit this, but when it was happening, all I knew was frustration -- my MP3 player wasn't working with random sites.
A firewall is not there to tell you what is trying to go where, its main purpose is to prevent things from going through it.
Why do you think they have security cameras in banks? Are they to deflect the bullets of robbers? If something "happens", you want to know who, what, where and when. Giving me no information is next to useless. Sorry -- Linux doesn't provide useful information in these situations. Not knowing "who" (or "what") is trying to violate security policy in what way is poor protection -- giving me that information in real time is in NO way useless. -l
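Added example, not part of the thread: the "few lines out of 1000's of log lines" problem above can be reduced to a short report if the egress DROP rule is preceded by an iptables LOG rule with a fixed prefix and `--log-uid`. The log prefix "EGRESS-DROP" and the sample log lines are constructed here; note that the UID field identifies the user, not the program, so this still does not name the application the way the Windows prompt described above does.

```python
import re
from collections import Counter

# Constructed kernel log excerpt, as written by an iptables rule like
# `-j LOG --log-prefix "EGRESS-DROP " --log-uid` placed before the DROP rule
# (assumed rule and prefix). Unrelated kernel messages are mixed in as noise.
SAMPLE_LOG = """\
Mar 30 12:00:01 host kernel: usb 1-1: new high-speed USB device number 4
Mar 30 12:00:05 host kernel: EGRESS-DROP IN= OUT=eth0 SRC=192.168.1.10 DST=203.0.113.5 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=1 DF PROTO=TCP SPT=45678 DPT=5004 WINDOW=29200 RES=0x00 SYN URGP=0 UID=1000 GID=1000
Mar 30 12:00:06 host kernel: EGRESS-DROP IN= OUT=eth0 SRC=192.168.1.10 DST=203.0.113.5 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=2 DF PROTO=TCP SPT=45679 DPT=5004 WINDOW=29200 RES=0x00 SYN URGP=0 UID=1000 GID=1000
Mar 30 12:00:09 host kernel: EGRESS-DROP IN= OUT=eth0 SRC=192.168.1.10 DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=3 DF PROTO=TCP SPT=45680 DPT=80 WINDOW=29200 RES=0x00 SYN URGP=0 UID=1000 GID=1000
Mar 30 12:00:10 host kernel: eth0: link is up
"""

# KEY=VALUE tokens; bare flags such as DF or SYN carry no '=' and are skipped.
FIELD_RE = re.compile(r"(\w+)=(\S*)")


def parse_egress_drops(text, prefix="EGRESS-DROP"):
    """Return one dict per log line that carries the egress-drop prefix."""
    events = []
    for line in text.splitlines():
        marker = line.find(prefix)
        if marker < 0:
            continue  # ordinary kernel noise, not a blocked connection
        fields = dict(FIELD_RE.findall(line[marker + len(prefix):]))
        events.append({
            "uid": fields.get("UID", "?"),
            "proto": fields.get("PROTO", "?"),
            "dst": fields.get("DST", "?"),
            "dport": fields.get("DPT", "?"),
        })
    return events


def summarize(events):
    """Collapse repeated attempts into (uid, proto, dst, dport) -> count, busiest first."""
    counts = Counter((e["uid"], e["proto"], e["dst"], e["dport"]) for e in events)
    return sorted(counts.items(), key=lambda kv: -kv[1])


if __name__ == "__main__":
    for (uid, proto, dst, dport), n in summarize(parse_egress_drops(SAMPLE_LOG)):
        print(f"uid={uid} {proto} -> {dst}:{dport}  blocked {n}x")
```

Feeding the real `/var/log/messages` (or `journalctl -k` output) through `parse_egress_drops` gives the same one-line-per-destination view, which makes the "music.site:5004" case visible the same day rather than days later.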