nice article from Linux Journal site.
--
Shriram alias Rajesh Fowkar
Kurtarkar Nagari, Bldg-C,
Flat No. T4 Third Floor,
Shantinagar(Santacruz), Ponda - Goa - 403 401.
Phone : (0834)315932
Email : [EMAIL PROTECTED]
----------------------------------------------------------------
Will Linux conquer the desktop? Not without Linux Lite
by Bryan Pfaffenberger <[EMAIL PROTECTED]>
8-Sep-1999
It's not just a matter of user-friendliness. Security matters
too--especially the kind of security that safeguards new users.
My friendly local network administrator walked in just as I was finishing up
my Red Hat 6.0 installation, the day after the software's release. He's a
UNIX guy, and I thought he'd be pleased to see users like me making the
switch from Windows to Linux. But the look on his face told me
otherwise--shock, horror, dread. "Do you know how to configure Linux so that
it's secure on a LAN? Which daemons are you running? Are you running
sendmail? Do you know how to configure it? Do you have the latest version
of bind? Aarggh!"
A couple of weeks later, I found out why he was so worried. Working at home,
and sheltered (or so I thought) by a dynamically assigned IP address, I
suddenly realized I wasn't the only person using my computer. I lunged for
the power switch, and shut down my system just in time. I thought I had
secured my system fairly well, but--as I later discovered--I wasn't running
the latest and greatest version of a certain well-known daemon. Admittedly,
it was one I probably shouldn't have been running at all. The result? When
the script kiddies came calling, they found my front door wide open.
After a nice clean re-install, a raft of changed passwords, and a
minimalist reconfiguration, my system is secure. I've yet to have repeat
visitors. But these incidents got me thinking. I know Linux is inherently
much more secure than any consumer operating system, but that's true only if
you know quite a lot about Linux. Some Linux distros install all kinds of
junk that puts users at risk; others do a better job, but inevitably leave a
hole or two that an intruder could exploit. And here, Linux people are
perhaps their own worst enemies. When people run into security problems with
poorly configured Linux systems, Linux experts sometimes say, "Oh, you were
supposed to comment that line out. You know, you shouldn't run Linux unless
you're willing to learn the fundamentals of system and network
administration." Dream on, folks. Most users just don't have that kind of
time.
Let's get real here. Just because you have access to a root account doesn't
make you a system or network administrator. These roles are best played by
trained professionals: people who have the training, time, and motivation to
master all the details of system configuration and security, monitor the
newsgroups for security alerts, and attend workshops and conferences in
their fields of expertise. (Now, please note that I said these roles are
best played by professionals. Amateurs can and do become very good system
and network administrators, if they're willing to put in the time--but
that's just my point. Those zillions of Windows and Mac OS users out there
aren't going to do this. Period.)
And what's going to happen when somebody breaks into a Linux box and uses
Netscape to clean out somebody's electronic bank account? Can you imagine
the headlines? It's a real possibility, folks. Apparently, lots of cable
systems leave users' systems wide, wide open. Users are at even more risk if
they're using Windows or the Mac OS, of course, but that's just my point:
Linux ought to offer more, and it can't unless the user possesses more
expertise than it's wise to expect.
And now, faithful readers, I shall commit the ultimate heresy. Windows NT is
way out in front of Linux in dealing with this problem--at least in theory.
As you're probably aware, NT comes in two versions: a server version and a
workstation version. Both use the same underlying architecture and file
system, but the workstation version doesn't include all the server and
networking stuff that takes so much expertise to configure correctly. The
idea of the workstation version is simply this: minimize the things that a
na�ve user could screw up. Now, before you get out your flamethrower, please
understand that I'm not claiming NT makes this distinction the right way, or
that NT is more secure than Linux, or that Bill Gates is a warm cuddly
person after all, or that aliens actually landed at Roswell in 1947. OK?
Here's what I am saying: The distinction between the server and workstation
version is a darned good idea. What's more, it's a natural and inevitable
bifurcation that must occur when a server-only OS makes a transition to the
desktop market.
So here's my recommendation: Linux distributions should take a cue from NT,
and come in two "flavors": Linux Server (for experts or talented amateurs
only), and Linux Workstation (for the rest of us). Here's my notion of
Linux Workstation, in a nutshell:
* It's designed from the get-go as a single-user workstation, although
users could configure additional users if they wish. The setup utility
prompts the user to create an ordinary user account, and the system
defaults to this account when it starts. (You'll still need to supply a
password, of course.) You don't even know there is such a thing as
"root" until you start reading the manual.
* It's assumed that users will connect to the network via a dialup
connection, or as a client workstation on a LAN, and that they'll get
their mail from POP3 or IMAP servers. While not completely eliminating
all the daemons and utilities that could get a na�ve user into trouble,
this assumption does rule out a good many of them. And users won't be
able to get themselves into trouble by playing with more risky tools,
because those tools won't be on the disk. Now, don't get me wrong,
here; I'm not talking about denying anything to anybody. If somebody
wants to run Linux Server, fine--all they need to do is get the other
disk. All I'm saying is this: "Great, you're a new pilot, and you want
to fly. Fine. We've got a Cessna 127 here, and an F16. You know, I
think you ought to start with the Cessna."
In light of the server/workstation distinction, you can see we've
essentially been handing out Linux Server to lots of folks who should have
started with Linux Workstation. To be sure, Red Hat Linux comes close to
what I'm suggesting; when you install it, you can choose between a server
and workstation version. But na�ve users may not realize what's at stake
here, and I wonder how many chose the server version so that they could get
"more stuff". What's more, the two installed versions are practically the
same, except that one is missing some daemons; but there are still plenty of
ways a user can go wrong, even with Red Hat's workstation version. I've run
into Red Hat users who happily installed it in the workstation mode, and
proceeded to use their systems as the root user--with no idea whatsoever
that there's such a thing as a user account. Everything was just ducky until
they logged on to IRC. (In case you're not aware, it's a very, very poor
idea to access IRC as root. Bad things happen. Please, don't try this at
home.)
The Linux community must do more to protect new users who are attracted to
Linux for all the right reasons. They're attracted to our ideals. We owe
them more than they're getting. What I'm proposing is two totally different
distributions. What's more, I urge every Linux distribution to make this
distinction: The server version maximizes power at the expense of demanding
expertise, while the workstation version protects the user, even if it means
sacrificing some nifty stuff or using older, stable versions of basic system
software.
Call it Linux Lite, if you like. Whatever you call it, and whether or not
you would like to use it, it's the key to the desktop market. Unless Linux
makes inroads in this market, it can't pose a serious challenge to
commercial, closed-source operating systems.
Bryan Pfaffenberger is Associate Professor of Technology, Culture, and
Communication at the University of Virginia, where he teaches a course
titled Computers and Social Issues. He's the author of several books on
Linux, including Linux Clearly Explained (Morgan-Kaufmann Publishers,
available now), and Mastering GNOME (Sybex, available this fall).
