[SLE] using apt instead of rpm in suse 8.1?
Having had to learn the right way to install RPMs, checking dependencies, etc. I'm interested in learning if this is the best method or not. I have read alot about Debian's apt-get method. What are the consequences of using apt instead of rpms for updates on suse 8.1? Is it worth the headaches, being yast only uses rpm? Also, why does suse use rpm instead of apt? What I read on the net makes apt sound better, but I'd like to hear the other side of the coin. Thanks for your time, -Trey
On Thursday 27 March 2003 20:42, Trey wrote:
Having had to learn the right way to install RPMs, checking dependencies, etc. I'm interested in learning if this is the best method or not. I have read alot about Debian's apt-get method.
What are the consequences of using apt instead of rpms for updates on suse 8.1? Is it worth the headaches, being yast only uses rpm?
Debian doesn't use "apt instead of rpm", they use ".deb instead of .rpm". apt is A Packaging Tool which is relatively independent of the type of package underlying it. rpm is a packaging format, corresponding to the packaging format .deb for Debian. apt can be (and has been) adapted to work with rpm. Although judging from the experiences of people on this list, the port seems to be in beta. Also, since it isn't officially supported, you have to put your faith in private individuals that the apt repositories will be kept up to date and that they won't introduce trojans, which may be a drawback
Debian doesn't use "apt instead of rpm", they use ".deb instead of .rpm". apt is A Packaging Tool which is relatively independent of the type of package underlying it.
rpm is a packaging format, corresponding to the packaging format .deb for Debian. apt can be (and has been) adapted to work with rpm. Although judging from the experiences of people on this list, the port seems to be in beta.
Also, since it isn't officially supported, you have to put your faith in private individuals that the apt repositories will be kept up to date and that they won't introduce trojans, which may be a drawback
Thanks for the clarification. How large of an issue is trojans with Linux? Having read that linux was immune to virus programs, I didn't realize they were an issue. Is there programs that will look for them? -Trey
On Thursday 27 March 2003 21:03, Trey wrote:
How large of an issue is trojans with Linux?
Trojans are always dangerous. It's not really an OS issue If you think about it, what is a trojan? A trojan is a program that does something malicious to your system, while purporting to be something completely different. The analogy is with the trojan horse which purported to be a gift, while in fact it was one of history's first APCs :) A program, any program, could destroy your system. No operating system can ever protect you against yourself. As long as you have the authority to delete files, for example, a program could do it for you. The question is whether you want the program to do it or not. When people say that linux is "immune" to viruses, they're slightly exaggerating. The general idea is that with open source, there are so many eyes looking at the source that trojans and other malicious code will be found before it causes too much damage. This is partly true, although not completely. But that advantage is gone completely if you install precompiled binaries from people you don't know. A lot of the packages in the current apt4rpm repository are from people who made a brief appearance on this list, and then started building rpms. You have to decide if you trust a) their morality, and b) their ability to keep their systems secure. They can be as honest as a monk/rabbi/shaman but if their own systems get cracked you can't trust files from them anyway The rule of thumb has always been, and will always be: never install programs from people you don't trust. As far as the danger of viruses go, the issue there is with bugs in internet services, and how fast they get fixed. And there, linux/unix has the upper hand.
When people say that linux is "immune" to viruses, they're slightly exaggerating. The general idea is that with open source, there are so many eyes looking at the source that trojans and other malicious code will be found before it causes too much damage. This is partly true, although not completely.
Actually, that's not why people say that Linux (and other Unices) are virus immune. It's because unlike the braindead OSs from Redmond, you don't do everything with ultimate privileges (ie root) Since noone in their right mind uses their system as root unless they need to, the risk from virus infection is minimal (since a viral binary run as a normal user cannot overwrite a system file) -- James Ogley, Webmaster, Rubber Turnip james@rubberturnip.org.uk http://www.rubberturnip.org.uk Jabber: riggwelter@myjabber.net Using Free Software since 1994, running GNU/Linux (SuSE 8.1). GNOME updates for SuSE: http://www.usr-local-bin.org
On Friday 28 March 2003 00:38, James Ogley wrote:
Actually, that's not why people say that Linux (and other Unices) are virus immune.
It's because unlike the braindead OSs from Redmond, you don't do everything with ultimate privileges (ie root)
Which user do you normally run as when you install programs?
Since noone in their right mind uses their system as root unless they need to, the risk from virus infection is minimal (since a viral binary run as a normal user cannot overwrite a system file)
True, but it could ruin and/or send off your personal files to god knows whom. If we're talking industrial espionage, that's all it would take. And of course you don't have to run as root to have your computer take part in a DDoS, or as an open relay anonymizer for spammers
participants (3)
-
Anders Johansson -
James Ogley -
Trey