A Gut Check On Gutsy Gibbon

jammag writes "Linux pundit Bruce Byfield looked inside the pre-release of Gutsy Gibbon and found what he calls 'Windows thinking.' His article, Divining from the Entrails of Ubuntu's Gutsy Gibbon, notes that Ubuntu is the dominant distro, having achieved a level of success that might be leading to complacency. He opines: 'Only once or twice did I find a balance between accessibility to newcomers and a feature set for advanced users. At times, I wondered whether the popularity might be preventing Ubuntu from finishing some rough edges.'"

Wait for next

Hm, I guess it seems Gutsy Gibbon isn't quite up to stuff. Prolly oughta wait for the next edition, the more refined Hairy Hardon.

Re:Wait for next

Presumably you don't allow the root user to login at all. The only way to get to root would be with su. His statement, I'm guessing, is based on that premise along with having to break into a normal user account first, before being able to su to root. Of course, that doesn't take into consideration the numerous possible attach vectors that do not require first breaking a normal user and then breaking root.

For years I've never installed sudo because I liked the forced separation of privileges with different passwords. However, in an environment where numerous users need escalated privileges for different things, I have revised my thinking and enjoy the ability to provide fairly fine-grained controls on who/what people are able to access when raising privileges for specific tasks. Short of implementing SELinux, sudo gives me what I need for right now. I can see a day where SELinux will be more appropriate for some things, but until then...

Re:Wait for next

[spagetti_code]

Ok, not being able to install additional packages at installation is a big deal, but calling it a "security issue" is a little silly. No ports are listening on a default Ubuntu install. It doesn't need to be "secured".

No!

Not having to make choices at install time is EXACTLY the reason that ubuntu is good. After a couple of simple questions, you are up and running with a very well configured system with the best one of each type of app installed that most people want. You dont have a huge stack of apps installed that you dont need.

If that idea doesn't suit you, then I think you need a different distro. Dont go raining on ubuntu because its executing its plan well. (And by the way, that plan is exactly what the general population want/need).

Re:Wait for next

[thePowerOfGrayskull]

I'm just curious. I see this phenomenon where folks reply to an unrelated first post... this usually happens when there are already several replies to the article itself. Why does this occur? Let's not be disingenuous. We all know why it happens -- too many people saw that this was successful in getting their comments modded up in places like digg, and started doing it here too. And the mods encourage it -- they /should/ be getting marked offtopic, but that never seems to happen anymore. Before anyone objects - yes, I know that this practice did not originate with digg; but there is no denying that it has started happening a /lot/ more frequently since digg became popular. While that's not direct evidence of causation, it's still a pretty compelling circumstantial case.

Re:Wait for next

[init100]

Short of implementing SELinux, sudo gives me what I need for right now. I can see a day where SELinux will be more appropriate for some things, but until then...

I think that you have misunderstood what SELinux is all about. It is not a replacement for su or sudo, it is a completely different system. It allows the vendor/administrator to explicitly specify what privileges a specific process should have in fine-grained detail. Even though e.g. the apache account has read access to every file that everyone can read, SELinux enables you to specify that the apache process should be denied access to anything beyond its configuration file, its plugins and the web tree, even if it would have access according to the ordinary permissions system.

By restricting rights on this level of detail, a cracker exploiting a security hole in the apache process would not be able to access any file beyond those explicitly specified in the SELinux policy.

duhh

[thatskinnyguy]

Ubuntu isn't successful because it's an operating system for advanced users only (like Gentoo). It's successful due to being user friendly to people who are Windows users who are curious about Linux.

With Linux I've noticed that user control is inversely proportional to user-friendliness. Operating systems like Ubuntu are made with user-friendliness in mind and that comes at the price of user control. It's quick and easy to set-up and use which garners alot of favor from the Windows crowd.

Similarly, Gentoo gives the user complete control over what applications, drivers, daemons are installed but is by no means user-friendly.

The writer of TFA really did a whole lot of whining about how little control he had over the installation and initial software packages. What did he expect? It's Ubuntu.

Re:Name?

[dfdashh]

Who's to say that any name is lame or not? More importantly, who cares? A cursory glance beyond whatever moniker a distribution has is really needed before a decision is made to adopt it. If you judge based on a name, you probably shouldn't be in a position to decide anyway!

If you are really worried about the name as it relates to non-geek circles, use their numbering scheme instead. Gutsy Gibbon is Ubuntu 7.10 (https://wiki.ubuntu.com/GutsyGibbon).
Personally, as long as the Ubuntu guys continue to churn out an excellent product, I could not care less about the name.

Re:Name?

[Red+Flayer]

When dealing with the PHBs, feel free to use the version number instead, as that is the official name -- 7.10 for Gutsy Gibbon.

I just refer to it as Gibbon when necessary; when questioned about why the name Gibbon was chosen, I tell them it's to recognize the hard work of all the codemonkeys.

I haven't yet been challenged on the fact that Gibbons are apes, not monkeys, so I'm sticking to my story.

Re:Choices and Plurality

[kebes]

I agree with you.

TFA is not wrong in what it says, but perhaps it misses a point. For years people were begging for a "user-friendly" Linux distribution, where the user would "not be inundated with choices" and so on. Ubuntu arose with the aim to be "Linux for human beings," where an ordinary person would be able (with some guidance) to install, learn, and productively use the OS. The aim of Ubuntu is to fill that niche.

TFA discusses needing to find the balance between "simplicity for beginners" and "power for advanced users." But he seems to think that each Linux distro should be finding that balance--rather than accepting that the point of having multiple distros is that each one can strike a different balance. Ubuntu, clearly, is a distro that favors simplicity, because it is trying to capture some of the "mass market" of beginners. If you want the installation to expose lots of details to you, then there are distros that will make that happen (e.g. Debian).

Now, having made the case that each distro can and should strike a different balance, I still find the argument misses the mark. I like to consider myself a "power user" who tries to do technical things (run webservers, programming, etc.), and Ubuntu (Kubuntu actually) is my distro of choice. Frankly, once you "know Linux" it's trivially easy to find and modify all the hidden features. Once you open a terminal, you have access to all the power, customization, and advanced features of any other Linux distro.

Furthermore, many experts may prefer Ubuntu's simplicity, because it lets you get to the tasks you actually care about (and care about customizing) faster. It's nice to be able to complete a full install in 15 minutes (yes, I timed it), with no hassles, and then fine tune it as needed. As I said before--it's not like the customizations are not there. Just open a terminal, edit a config file, just like any other distro.

Security of Users vs Root security

[drx]

I actually wonder why there is still this big iron thinking about root and "unprivileged users", especially around a desktop distro like Ubuntu. I am the only user of my system. If someone breaks into my normal user account and deletes all files there it is the worst possible scenario. If it is done from root, there is not much of a difference. And unprivileged users can also serve as spam bots, they have all the access to a heap of scripting languages and whatnot -- so really, what is the difference?

Just because it happens to be Unix, some people seem to have a sysadmin reflex that tells them root is more worthy than others.

Re:Security of Users vs Root security

[dfgchgfxrjtdhgh.jjhv]

root gives them full control over your system, they can set daemons to run at startup, mess with system files, delete/modify every users files & any other file they want, run services on privileged ports (1024), install trojans, rootkits, delete/modify log files, and anything else they want.

a root compromised means a full system rebuild. reformatting all drives & reinstalling from trusted media & the last known good backups. you cant trust anything on the system, or any backups taken since the hack. you might not even know the date of the hack, nevermind how they got in, or what they did, if they cleaned the logs.

if a normal user account gets hacked & you're sure root hasnt been compromised, you could just delete the user, fix the vulnerability & restore the files from backups. you still have the log files, which will help give clues to how & when you were hacked.

having your user account hacked is obviously very bad, but if they get root, its as bad as it gets, even on a single user system.

btw, if your personal files mean a lot to you, you should take regular backups.

Re:Name?

Gibbons are apes, not monkeys.