Slashdot Mirror

← Back to Stories (view on slashdot.org)

Desktop Linux Sliding in Under the Radar?

Posted by Cliff on from the stealth-penguinistas dept.

Paul Johnson asks: "This article at ComputerWorld describes a sysadmin's discovery that many people in his company are installing Linux on their desktops without consulting IT. The writer is concerned with the security implications, but there is a wider issue. At present the 'official' penetration of Linux into the desktop market is something around 1%. The writer of this article doesn't give figures, but it sounds like he may have stumbled on several times that percentage of desktop Linux installations. If so then this is an important trend. Linux got its foot in the datacentre door in exactly the same way a few years ago, with unofficial installations doing odd server jobs. If you are a sysadmin, in an organization that runs Windows on the desktop, have you stumbled on many unofficial Linux installations?"

6 of 742 comments (clear)

  1. Undercover LINUX by Anonymous Coward · · Score: 5, Interesting

    I work at the comptuer science department of a major universtiy, we've got runaway LINUX everywhere. We've gone so far as to restrict our switches by MAC address and no longer allow anyone in our network unless they tell us what OS they are running and have installed all the security updates.

  2. Unofficial installations by cfl · · Score: 5, Interesting

    In a previous job I've found Linux and BeOS
    desktop installations. While I was pro alternatives to Microsoft, there was the concern about security - e.g. open e-mail relays, unpatched servers. The company ended up with a policy of permitting Linux on the desktop, but not supporting it. If you had an application issue - you were on your own. The only users that ran it had a clue and we didn't run into issues. Being a research environment, Linux ended up replacing SGI systems as the scientific workstation standard.

  3. Does this count? by AWrinkler · · Score: 5, Interesting

    In the last infrastructure upgrade we did, all 60 machines were identical:
    FreeBSD 4.7, autostart XFree86,
    full-screen RDesktop to central Win2k Terminal Servers.

    User's still think they have a windows
    box(windows splash screen on boot).

    Does this count?

  4. Re:they better not by Chewie · · Score: 5, Interesting

    they almost certainly would have no antivirus software

    Oh, for the miniscule number of Linux viruses?

    no agents for our desktop license management

    Since *most* software that requires license management is either Windows-only or hard for Joe User to come by, I don't see this as a huge problem either.

    and almost certainly wouldn't be keeping up with security updates.

    Ah, now this is a real concern. I would hope that your company has firewalls, but I can certainly understand not wanting them to be your *only* line of defense.

    the users don't own their machines - the company does. if they want to piss around with _any_ os, let them do it on their own time, on their own network, and on their own equipment.

    I can certainly understand this. When you're responsible for eleventy jillion desktops, you can't have people going rogue on you. At least not without knowing that if you have to come fix their PC, it's getting reimaged.

    Now, I personally happen to run a stealth RH install, dual-booting to Win2K for when I just have to do something in Windows. My workstation, however, is well-secured, and has updates applied regularly. I have *never* had to bug the IT department, and my workstation is exceedingly well-behaved on the network. If the IT department decide to be real hard-asses about it and reimage me, I'll understand. Doesn't mean I won't be cranky, though. :)

    --
    49 20 68 61 76 65 20 74 6F 6F 20 6D 75 63 68 20 66 72 65 65 20 74 69 6D 65 2E
  5. Re:This is unexpected? by Jedi+Alec · · Score: 5, Interesting

    assuming for a second that the person involved is actually able to install Linux(not stuffing a CD-Rom and/or floppy drive into a machine does wonders) and has sufficient rights under Win2k/XP the answer would be to reduce the main partition a bit in size using for example partition magic, and then happily installing mandrake on the side. Red hat might be an option too, but that'd require installing NTFS "support" separately, which, otoh, isn't all that hard to do either...

    From a personal perspective, my previous employer didn't give a rat's ass what OS I ran, as long as it ran the software we used. The reply I got when I asked if I could was something like "oh sure, but you do it on your own time, and if it breaks, don't come whining to us..."

    --

    People replying to my sig annoy me. That's why I change it all the time.
  6. Re:Not exactly ... by tkg · · Score: 5, Interesting

    Well, my employer allows virtually any os that a given user might need to run (we're a research facility). The IT people do regular vulnerability scans of the network and the linux users that I know (myself included) have never failed to pass the scan. The same can't be said for most of the MS users, or event the Solaris users for that matter. I don't hear much from the MAC users.

    I guess my point is that it is not so much what os a person runs as it is the IT policies and how well they're enforced. Keep up with security patches, don't install untrusted software, good password policy, etc. These things aren't unique to any particular desktop OS and any user could potentially violate them. However, any user that depends on their system for everyday tasks isn't going to intentionally munge it up since they lose the use of it while you may be inconvenienced with rebuilding it. There is always the danger of the 'malicious insider' and we risk it every summer with an influx of student help that always includes some idiot that will try 'bad things'. Deal with them swiftly and harshly and make sure everyone knows about it and you can keep it to a minimum, but you can never eliminate the risks completely.