Is Mandrake really more secure than Lindows/MS-Windows ?

[Guest ndeb]

http://www.mandrakeusers.org/viewtopic.php?t=3626

[Counterspy 0]

You have highlighted an ongoing problem where getting the distro out the door takes precedence over bug-fixing. Mandrakesoft has never cleared out all of the bugs and does so by minimizing them to insignificance. Nothing short of an email to the new CEO will change the habits of some employees. They continue to flog things like supermount instead of making an autofs configurator is one example. Peronally, I would like to take Duval and duct tape him to the Eiffel Tower with a sing reading "Failed Executive".

 

Was it really Red Green who turned us on to the magic of duct tape?

 

Counterspy

[Guest ndeb]

I fully agree. And the excuse is always "we are working on the next release ....". If this is the way these people work then there is little hope of survival. As for supermount, I have already reported bugs with their latest versions (mandrake-9.1rc2). It appears that many of these employees are probably disgruntled and don't want to do their job well even when hundreds of users are ready to help them out. I reported 20+ bugs in mdk-9.1rc1 and most of them were not fixed in mdk-9.1rc2 either. I can bet that even a 9.1rc5 will have tons of bugs.

 

Also, the issue of security updates raises an important question: how many updates actually fix the bugs they claim to fix? Nothing is worse than a false sense of security.

[SoulSe 0]

Is Mandrake really more secure than Lindows/MS-Windows ?

Yes.

[Guest ndeb]

Is Mandrake really more secure than Lindows/MS-Windows ?

Yes.

It is now, with the real update from http://www.mandrakesecure.net/en/advisorie...DKSA-2003:031-1 . If u have not applied the real update, don't be so sure about mandrake security. And this is mandrake-specific since redhat fixed this 2.5 years ago.

[SoulSe 0]

NOTHING is secure, until you make it that way. Look at the security issues WinXP had to address with the first service pack.

 

If I share all my folders and disable my firewall, no matter what system I am using, I am screwed. The question itself is silly.

 

"Are Toyotas more secure then Nissans?" Well, depends on whether or not you are wearing a seatbelt, doesn't it

[pmpatrick 0]

Many think that none of the current OSs are nearly as secure as they should be i.e. they all suck. It's like arguing about who is the world's tallest midget IMHO. If windows is a house with 20 doors open and linux only has 10 does that make it twice as secure?

[ral 0]

I don't know about security, and am not a Linux expert. But having tried two versions of Linux, I see Mandrake as a more cutting edge distro but at the same time a buggier less refined product than RedHat. RedHat seems to be a more conservative distro but where things work better out of the box.

 

I have installed both distro's in at least 3 machines... and never had an issue with RH. Mandrake on the other hand gave me a broken spellchecker in 2 out of three installs. 1 in 3 had no fonts in the taskbar and menu's of OpenOffice. I use the same CD's for all three installs. While these do not relate to security, I think a buggier product has a bigger chance that it is less secure.

[Guest c_m_f]

Is Mandrake really more secure than Lindows/MS-Windows ?

Yes.

It is now, with the real update from http://www.mandrakesecure.net/en/advisorie...DKSA-2003:031-1 . If u have not applied the real update, don't be so sure about mandrake security. And this is mandrake-specific since redhat fixed this 2.5 years ago.

 

is this applied in 9.1?

[Guest ndeb]

is this applied in 9.1?

Valid question. I think yes because I downloaded the cooker rpm usermode-consoleonly-1.63-5mdk.i586.rpm and ran

rpm -qlp usermode-consoleonly-1.63-5mdk.i586.rpm

and got these pam files:

/etc/pam.d/halt

/etc/pam.d/poweroff

/etc/pam.d/reboot

/etc/pam.d/simple_root_authen

 

Note that /etc/pam.d/shutdown has been removed.

[aRTee 0]

ndeb and others, I just read your remark about the security issue here....

And actually, I quite disagree.

 

I'm sorry, but I fail to see the problem with this 'you can get root access by doing ... on the machine locally'

Anyone into security knows that physical access to a machine means they can get into the system and get to the data.

If need be by unscrewing the harddisk and plugging it into another system...

 

Real security means you physically lock the systems away.

 

Just boot your average system with a knoppix cd, and type sudo.

 

Or put in the mandrake cd and go through the install process (update, so you don't have to know the partitioning etc, without installing anything extra), and set another root password.

 

Or, in any company where they know what they're doing, try to walk into the serverroom with a couple of floppy disks and some cd's, and see if they let you get to their systems.

There are companies that secure their server rooms with touch sensitive floors, motion detectors and the like. You walk in there, somewhere lights start blinking, people check what's on the camera's and you can start waving to them.

 

A system should be secure from remote exploits, local exploits are in most cases acceptable for home users since they also have the rootpassword, since basically they are their own admin.

Local exploits in the sense of: when you're at that pc, not: by running this code...

 

You can say: but I can encrypt my hd etcetc. Ok, but what if your system gets hosed for some reason? And you can't get to your data anymore?

A secure system is one that no one can physically get to and that is protected against all remote exploits and intrusions etc... (so maybe, just not connected to anything..)