Sign in / up

* Posts by markjohnsoncardio

6 publicly visible posts • joined 29 Feb 2012

'Kill yourself now' - Torvalds throws openSUSE security tantrum

markjohnsoncardio
Reply Icon
Paris Hilton

Re: Re: I think

@kwhitefoot - "As a one time Unix admin I still think the idea that you should be able log in as root is strange."

That's what many people commenting on this article don't seem to understand, and Linus either. With SUSE, you are not "logging in as root" - you are simply proving to the admin control panel YaST that you have admin privileges by supplying a password. YaST does the work - you are still logged in as a normal user.

I think folks are probably so brainwashed into the Ubuntu way of doing things that maybe they can't grasp the difference any more.

1 3
markjohnsoncardio
Reply Icon
Facepalm

Re: Re: Re: Hmm (@ markjohnsoncardio)

@ElReg!comments!Pierre - "Which means, in real terms, that you are logging in with admin rights. Possibly as root, even, depending on your settings. It's not just "giving YaSt a password". It is "allowing YaST to log in as root on your behalf". Funny how some GNU/Linux users have litterally no clue on how GNU/Linux works."

It's like trying to describe a Victoria's Secret catalog to a bunch of blind men. YaST is a config tool, it's not a separate log-in. It's no more of a separate log-in than using a tool in the Gnome Control Panel. If you had ever tried to use SUSE or Mandrake, you would know exactly what I'm referring to.

2 3
markjohnsoncardio
Reply Icon
Black Helicopters

Re: This is a developing pattern

@Steve Davies - "There is no reason why you should have to have elevated access to do add printers or connect to new wifi systems."

Yeah, what could go wrong, right? Glad you don't work in my IT department:

"Security Risks Of Network Printers

Treat Multifunction Printers As Servers, Not Peripherals

 The new features, improved connectivity, and increased complexity of today’s printers are a double-edged sword. Although networked peripherals are undoubtedly more functional and efficient (albeit more costly), allowing devices to be shared by many users, the added capability exponentially increases security risks. What were once “dumb” appliances have evolved into embedded computers, secretly hoarding everything passing through them, often unbeknownst to their owners. "

http://www.processor.com/editorial/article.asp?article=articles/P3224/31p24/31p24.asp&guid=

3 6
markjohnsoncardio
Reply Icon
FAIL

Re: Hmm

@Lars - "So while you are logged in and want to add a printer the need for root will increase security?"

Clearly, neither you nor Linus has any idea how YaST works on SUSE to control access to hardware and network services. You're not "logging in as root" in order to add a printer. You're being asked to give YaST a password to prove you have the correct administrative rights to carry out the function.

4 7
markjohnsoncardio
Reply Icon
Facepalm

Re: I guess Linus has a point here

"On the command line it's ok to setup and use sudo but not when you use GUI."

That's why SUSE has YaST - a GUI that assesses your level of administrative privilege before allowing you to make security changes. Kind of like a GUI form of sudo.

2 2
markjohnsoncardio
Mushroom

Is Linus becoming bad for business?

@Linus - ""If you have anything to do with security in a distro, and think that my kids (replace "my kids" with "sales people on the road" if you think your main customers are businesses) need to have the root password to access some wireless network, or to be able to print out a paper, or to change the date-and-time settings, please just kill yourself now. The world will be a better place," he said."

- Yeah, that's going to help me a lot to sell hospitals on switching to open source. Thanks Linus - you and RMS make for a couple of completely useless ambassadors for all these great products.

3 5