Michael Skiba wrote:
Am Donnerstag, 23. August 2007 10:41 schrieb Joachim Schrod:
But, as you can read from the other answers to my post, these
results are obvioulsy dreamed by me and my customers pay for
nothing, because "every linux/unix/*ix box on the planet is not
owned by hackers and spammers while so many possible exploits
exist", as Ken Jennings put it so succinctly. No, no, no. "Every
... is not owned" -- guys, now I've got it: There are *NO* owned
Linux boxes out there, none at all. You read it here, so it's true.
I should close down the part of my company that's testing and
securing linux/unix systems for my customers; it's not necessary.
Well, by public acclamation, I seem to be wrong, and rest my case.
It's true what he says, we've to face the fact, we're not invincible (yup,
even if some of us like to to propagate). The fact that Linux/Unix structure
is different to windows, doesn't make it unattackable, some things might be
more difficult, right. But a desktop system is always vulnerable, user wants
to have this comfort and pay the bill - same as in windows.
Something different might be on the side of the Server systems, where almost
no user actions are taking part, it's rather difficult to exploit them(if
maintained correctly).
Don't forget, there's two types of desktop. The home or small business
user, where anything goes and the corporate desktop, where security is
given significant consideration. Even "out of the box", Linux is vastly
more secure than Windows. Now, get into the corporate world, where
proper security measures are taken, there are other steps which further
improve security. In addition to the previously mentioned items, one
thing Linux supports is mounting separate partitions (may even be
located on a server) on the file system, with appropriate mount
options. This means that any directory containing executables can be
mounted read only. Also, any partition containing user write-able
directories can be mounted noexec, which means that even if an
executable is installed, it will not run, no matter what the permissions
say. There are many other methods in Unix & Linux, that combine to make
them far more secure than Windows ever will be. For example, have you
ever used a Windows app that requires admin privileges? If so, that
means you've just opened up a security hole. In Linux, in the unlikely
event that a user needs root permission, it's very easy to run only that
one app and not affect anything else. Bottom line, there are far more
barriers to security issues in Linux than in Windows. Please note, I'm
not claiming it's perfect, just far more secure, even for a newbie user.
--
Use OpenOffice.org <http://www.openoffice.org>
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
