Jump to content

Is Mandrake really more secure than Lindows/MS-Windows ?

Guest ndeb

By Guest ndeb
in Everything Linux

 Share

Recommended Posts

Counterspy MUB Addict

Counterspy

Posted
Posted

You have highlighted an ongoing problem where getting the distro out the door takes precedence over bug-fixing. Mandrakesoft has never cleared out all of the bugs and does so by minimizing them to insignificance. Nothing short of an email to the new CEO will change the habits of some employees. They continue to flog things like supermount instead of making an autofs configurator is one example. Peronally, I would like to take Duval and duct tape him to the Eiffel Tower with a sing reading "Failed Executive".

 

Was it really Red Green who turned us on to the magic of duct tape?

 

Counterspy

Link to comment
Share on other sites
Guest ndeb

Guest ndeb

Posted
Posted

I fully agree. And the excuse is always "we are working on the next release ....". If this is the way these people work then there is little hope of survival. As for supermount, I have already reported bugs with their latest versions (mandrake-9.1rc2). It appears that many of these employees are probably disgruntled and don't want to do their job well even when hundreds of users are ready to help them out. I reported 20+ bugs in mdk-9.1rc1 and most of them were not fixed in mdk-9.1rc2 either. I can bet that even a 9.1rc5 will have tons of bugs.

 

Also, the issue of security updates raises an important question: how many updates actually fix the bugs they claim to fix? Nothing is worse than a false sense of security.

Link to comment
Share on other sites
SoulSe Mandriva Guru

SoulSe

Posted
Posted

NOTHING is secure, until you make it that way. Look at the security issues WinXP had to address with the first service pack.

 

If I share all my folders and disable my firewall, no matter what system I am using, I am screwed. The question itself is silly.

 

"Are Toyotas more secure then Nissans?" Well, depends on whether or not you are wearing a seatbelt, doesn't it

Link to comment
Share on other sites
pmpatrick Mandriva Guru

pmpatrick

Posted
Posted

Many think that none of the current OSs are nearly as secure as they should be i.e. they all suck. It's like arguing about who is the world's tallest midget IMHO. If windows is a house with 20 doors open and linux only has 10 does that make it twice as secure?

Link to comment
Share on other sites
ral MUB Addict

ral

Posted
Posted

I don't know about security, and am not a Linux expert. But having tried two versions of Linux, I see Mandrake as a more cutting edge distro but at the same time a buggier less refined product than RedHat. RedHat seems to be a more conservative distro but where things work better out of the box.

 

I have installed both distro's in at least 3 machines... and never had an issue with RH. Mandrake on the other hand gave me a broken spellchecker in 2 out of three installs. 1 in 3 had no fonts in the taskbar and menu's of OpenOffice. I use the same CD's for all three installs. While these do not relate to security, I think a buggier product has a bigger chance that it is less secure.

Link to comment
Share on other sites
Guest ndeb

Guest ndeb

Posted
Posted
is this applied in 9.1?
Valid question. I think yes because I downloaded the cooker rpm usermode-consoleonly-1.63-5mdk.i586.rpm and ran 
rpm -qlp usermode-consoleonly-1.63-5mdk.i586.rpm

and got these pam files:

/etc/pam.d/halt

/etc/pam.d/poweroff

/etc/pam.d/reboot

/etc/pam.d/simple_root_authen

 

Note that /etc/pam.d/shutdown has been removed.

Link to comment
Share on other sites
aRTee Mandriva Guru

aRTee

Posted
Posted

ndeb and others, I just read your remark about the security issue here....

And actually, I quite disagree.

 

I'm sorry, but I fail to see the problem with this 'you can get root access by doing ... on the machine locally'

Anyone into security knows that physical access to a machine means they can get into the system and get to the data.

If need be by unscrewing the harddisk and plugging it into another system...

 

Real security means you physically lock the systems away.

 

Just boot your average system with a knoppix cd, and type sudo.

 

Or put in the mandrake cd and go through the install process (update, so you don't have to know the partitioning etc, without installing anything extra), and set another root password.

 

Or, in any company where they know what they're doing, try to walk into the serverroom with a couple of floppy disks and some cd's, and see if they let you get to their systems.

There are companies that secure their server rooms with touch sensitive floors, motion detectors and the like. You walk in there, somewhere lights start blinking, people check what's on the camera's and you can start waving to them.

 

A system should be secure from remote exploits, local exploits are in most cases acceptable for home users since they also have the rootpassword, since basically they are their own admin.

Local exploits in the sense of: when you're at that pc, not: by running this code...

 

You can say: but I can encrypt my hd etcetc. Ok, but what if your system gets hosed for some reason? And you can't get to your data anymore?

A secure system is one that no one can physically get to and that is protected against all remote exploits and intrusions etc... (so maybe, just not connected to anything..)

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing
×
×
  • Create New...