Torvalds Calls OpenSUSE Security 'Too Intrusive'

jfruh writes "The balance between security and ease of use is always a tricky one to strike, and Linux distros tend to err on the side of caution. But no less a luminary than Linus Torvalds thinks openSUSE has gone too far. When his kid needed to call from school for the root password just so he could add a printer to a laptop, that's when Linus decided things had gone off the rails."

Only root?

[busyqth]

Bah! Back in the day we recompiled the kernel to add a printer!
AND WE LIKED IT THAT WAY!!

Re:Only root?

Wow, newfangled drivers in the kernel... Back in the day, we had to manually pull the bits out of the computer, put them in a bucket, and transport them to the printer manually!

Re:Only root?

Back in the day? People using FreeBSD are still doing that shit. And yet they'll claim that their OS is superior to any Linux distribution in any way. Except, you know, in the case of usability for a desktop, in which case it's a fucking catastrophe.

Re:Only root?

[Toe,+The]

You mean sneakernet? That's nothing.
Back in the day, we had to manually place dots onto the paper using a handheld carbon-marking device.
On the plus side, it did have an undo function built right into the final product.

Re:Only root?

[fuzzyfuzzyfungus]

Only if your printer sucked. If you had a real printer you could just cat the postscript to whatever device it was connected to...

Re:Only root?

I love these responses. "It's not broken, incapable software, you just have to buy a different printer. Noob."

Re:Only root?

[busyqth]

Back in the day postscript didn't exist.
"lp0" stands for "Line Printer 0" -- you know, 132 columns, tractor feed, green-and-white-striped paper, massive clattering mechanical wheels spinning.
Now GET OFF MY LAWN!

Re:Only root?

Only if your printer sucked. If you had a real printer you could just cat the postscript to whatever device it was connected to...

And that's why the year of Linux on the desktop will always be next year.

Re:Only root?

[jd]

Papyrus? Pah! Youngsters! Back in my day, we had to find a granite boulder to carve the letters into. With a herring!

Re:Only root?

[busyqth]

That only works with frozen herring.

Re:Only root?

[Chrisq]

Papyrus, luxury.

In my day we had to invent writing, hew a stone from the quarry, and wear the letters into the tablet by rubbing it with our noses. And if we handed it in late you'd have to write it out a hundred times before the morning. It was so bad we would still be working on our first grade when we died of old age. They thing is, tell that to the kids to day and do they believe you?

No!

Re:Only root?

[ChrisMaple]

Postscript is an Apple conspiracy, designed to wear out electrons by sending too many of them through the printer cable.

ASCII only!

Re:Only root?

[Bill_the_Engineer]

I think you meant Adobe.

Re:Only root?

[jameskojiro]

Pheromone Trails, are you kidding me, back in my day we used to have to encode chemical messages in our DNA over many generations before we could pass them on to our offspring.

Re:Only root?

[busyqth]

I still do that.

Re:Only root?

[An+ominous+Cow+art]

You could still simply send your file to the printer and it would print, though. And if the file happened to have (the right) embedded printer control codes, it would even look nice.

C:\> TYPE AUTOEXEC.BAT > PRN:

$ cat readme.txt > /dev/lp0

It was all good :-).

Re:Only root?

That's because there was this thing called a "line printer device driver" that was... wait for it... compiled into the kernel.

Re:Only root?

Postscript is an Apple conspiracy, designed to wear out electrons by sending too many of them through the printer cable.

That's why you need a Monster Cable. The larger conductors and lubricated sheathing minimize wear. This both maximizes cable lifetime and ensures that the bits better retain their shape as they transit the cable.

Re:Only root?

[Bengie]

"stuff that does the dirty work for you automatically"

ahh, the Windows method. Works great until something breaks.

Re:Only root?

[Ihmhi]

That only works with frozen herring.

Are the frozen herring red by any chance? I've been looking for one forever but can never quite seem to find it.

Re:Only root?

[Bengie]

More like "you bought the wrong one, so suck-it-up and learn from your mistakes"

Re:Only root?

[rrohbeck]

And it failed right when we were standing round it in a group so nobody would see it printing the latest user account/password list we had "found." Oops. We ripped the paper out, canceled the print job and got out of there.

Re:Only root?

Bingo! Like a lot of people here, I'd guess, I've been experimenting with and (sometimes) even seriously using Linux since its earliest days. And it's been clear to me (and others, I'm sure) that Linux will NEVER make it on the desktop unless there's a massive change in its ergonomics.

For years the argument was that it was too hard to install. Well, that's been fixed years ago. I'm sure there are still some weird corner cases where it's still a pain, but by and large we can cross that one off the list.

The biggest problems with Linux are still device support and compatibility with what the user wants to do. (I don't count things like the hostile-to-noobs online environment, since most noobs never see that.) A user coming to Linux today almost always has an existing infrastructure to support, including hardware devices, favorite and/or needed software, and his/her own experiences and knowledge. Any Linux distro you can name scores from "fair" to "lousy" on those three categories depending on the distro and the user's specific circumstances, which is more than enough to send the person running back into the greedy, slimy arms of MS or Apple.

Even after all these years I still haven't completely given up because I desperately want Linux to give me a Get Out of MS Jail Card. I still download and test drive new versions of the major distros in VirtualBox, and I inevitably see the same thing: Nicer package overall, improved esthetics, and some tasks made much easier, but I still can't use it as my main work OS at a reasonable cost in terms of effort and hassle. I've reached the point of saying I like Linux the same way I like eggs: Made into something else (i.e. an embedded system/baked into muffins or a cake) so that I don't even see it.

Oh -- and wasn't Torvalds the one who famously said years ago that Linux developers were making a mistake by trying to cater to users? He should be the last one surprised by the state of Linux.

Re:Only root?

[Grishnakh]

There's some different issues here. Postscript (or PDF) printers are definitely superior to others, for good reason: they accept documents in a standardized format, and don't require special drivers. The only "drivers" needed are extremely simple, mainly to tell CUPS how many trays your printer has, and let you select the input and output trays, select duplexing, stuff like that.

Drivers that don't accept Postscript (or at least some other de facto standard like HP's PCL) have to have special drivers to convert your PS/PDF file into something the printer can understand, which isn't just a document description language, but rather something more like machine code to tell the printer exactly how to move the print head around and spray ink--these cheapo printers don't have much in the way of processing power, and rely on the host to do the processing for it. This means you need a special driver (which doesn't necessarily mean kernel driver, usually these printer drivers just run in userspace), which of course has to be supplied by the manufacturer since they're the only ones who really know how the printer works inside. Everyone even semi-knowledgable about computers should know by now that relying on mfgrs to supply drivers for Linux is generally a losing proposition, so these el cheapo printers should be avoided at all costs.

Setting up Linux to print to any decent office printer is usually a very simple affair: just find the printer, then select the manufacturer and model from the huge lists provided by CUPS, and off you go. Whether it's an HP LaserJet, a Ricoh, a Xerox, etc., it can print to any of these things. But a $30 piece of shit inkjet? Forget it. This has been the case for as long as $30 inkjets have been around, and hasn't changed, and it probably isn't going to change either, unless at some point in the future MS's near-monopoly collapses and Linux desktop systems start becoming popular (sort of like the way that many different phone makers sell their phones with different versions of Android on them, and these are doing quite well in the marketplace).

Re:Only root?

[jedidiah]

> The biggest problems with Linux are still device support and compatibility with what the user wants to do.

Nonsense.

The main problems are some notable highly proprietary walled garden holdouts and the dregs of the PC platform. For the rest, the level of support in Linux is not nearly as bad as some trolls would have you believe.

Linux faces similar challenges to MacOS in this regard.

Re:Only root?

[Barefoot+Monkey]

Are the frozen herring red by any chance? I've been looking for one forever but can never quite seem to find it.

Wild geese are known to hunt herrings of that colour. What you should do is look for a wild goose and follow it to see where it goes. That will surely be the best fishing spot for you.

Re:Only root?

[Grishnakh]

Linux on the desktop still has its problems, but printing is not one of them. Printing works great, and has for years. There's just a small catch: you can't expect to buy some piece-of-shit $30 inkjet and get it to work. You need to buy a decent printer. Generally anything by HP is fully supported, any kind of business printer is well-supported, and you can also get ~$100 laser printers these days from Samsung that have Linux support. If $100 is outside your budget for a printer, then you need to reevaluate your priorities and spending habits. $30 printers are a bad choice no matter what OS you're using; they're just a way for mfgrs to gouge you on ink supplies. Maybe someone more knowledgable about Apples will correct me here, but I don't think the situation is all that different with Macs; you can't buy just any random cheap shitty hardware device and expect it to "just work" on a Mac, you only get that when you buy Apple hardware or hardware that's specifically made to work with Macs and advertises that on the box. You can't hold Linux to a higher standard in this regard than Apple.

As for Linus, he works on the kernel only (and he made a really nice revision control system). Userspace isn't his expertise; it's like asking one of the engineers who's working on a rocket engine design what he thinks about the direction of space exploration (manned vs. unmanned, should we build a base on the moon, or mars, or send people to an asteroid first, etc.). He might have an opinion, but these policy and funding questions aren't really his domain at all, so you take his opinion with a grain of salt, even if his rocket engine design is really kick-ass. The Linux kernel is a great kernel, but Linus doesn't have any control over what the distros do with the systems they build on top of it. He can't help it if a bunch of them are putting shitty cellphone-esque UIs on it, or breaking things that used to work just fine.

Re:Only root?

[Barefoot+Monkey]

Postscript is an Apple conspiracy, designed to wear out electrons by sending too many of them through the printer cable.

I think you meant Adobe.

Adobe is an Apple conspiracy! Just look at the first and last letters. Do you think that is merely a coincidence?

Re:Only root?

Offspring? Bah! Back in the day essential communication was performed by passing around an apple. Oh wait...

Re:Only root?

[Grishnakh]

Not quite. There's never been printer device drivers compiled into the kernel. There were printer port drivers, but that's different; they just set up a virtual device at /dev/lp0 (or "PRN" in the case of DOS), and let you send data to it, so the data comes out the DB25 port on your PC. They had no control over the printer whatsoever.

Those old dot-matrix printers accepted ASCII text input, along with some control codes (other ASCII characters). So once you had a way to send ASCII data over the cable, the printer would just print anything you sent it, as-is. There was no "driver" needed at all.

Re:Only root?

[An+ominous+Cow+art]

As Grishnakh describes, in those days, the kernel's drivers were for the ports, not the printers attached to them.

Re:Only root?

[omnichad]

And it really shouldn't be that hard. If you make a print driver for Mac OS X, you likely already have a CUPS ppd created.

Re:Only root?

[Rob+Y.]

Those HP printers can be made to work great, but you still need to do some serious Googling to find out that you first need to turn off the automatic USB-based Windows install disk that the printer appears to be when you plug it in. Then some more Googling to find out how to do it.

Pretty odd that HP goes out of its way to provide drivers for its printers and then doesn't bother to even warn you about this USB drive behavior.

Re:Only root?

[Eil]

It's somehow the (free) operating system's fault because printer manufacturers design their hardware around yet another half-baked printing protocol instead of just using a standard that's been around for decades?

Re:Only root?

http://unix-tree.huihoo.org/V5/usr/sys/dmr/lp.c.html

Re:Only root?

DNA?

Back in my day, we had to invent subatomic particles in order to have a universe to communicate in!

Re:Only root?

[Larry_Dillon]

I remember having to recompile SCO to add a COMM port.

Re:Only root?

[Ihmhi]

I should be able to set aside some time next weekend when my friends and I go snipe hunting.

Re:Only root?

[tftp]

It's somehow the (free) operating system's fault because printer manufacturers design their hardware around yet another half-baked printing protocol instead of just using a standard that's been around for decades?

Nobody in his right mind should pay for a separate CPU and RAM and everything else in a printer if the host can do all that, faster, and at zero cost. Rendering PostScript is not exactly a trivial matter. Printer manufacturers do the right thing here. What they aren't doing right is that they don't provide drivers for Linux. On the other hand, quite a few Linux users gave up on the desktop long ago.

Re:Only root?

[lindi]

My printer (Samsung ML-2010R) eats bitmap data so I don't need to worry about bugs in proprietary postscript or PDF parsers. I can also get pixel accurate print previews and complexity of my document does not have any effect on how many pages per second the printer can print.

Re:Only root?

[DarwinSurvivor]

Our printer is basically incompatible-proof. Not only does it accept PS, PDF, etc but you can actually FTP the pdf or PS file directly to it on port 21. The same can be done for firmware upgrades, just FTP the badboy and watch it do it's magic.

Sometimes I love HP for making things so damn simple!

Re:Only root?

[DarwinSurvivor]

I've never heard of this, how old is the printer you are referencing? The only printers I've had trouble using in linux EVER was lexmark. And we've owned about 3 HP business class printer in the last 5 years (we print dozens of pages a day EVERY day, 1 of the upgrades was just to get one with cheaper toner).

Re:Only root?

[Hatta]

Setting up Linux to print to any decent office printer is usually a very simple affair: just find the printer, then select the manufacturer and model from the huge lists provided by CUPS, and off you go.

Unless it doesn't. My HP LaserJet 1300n hasn't printed in weeks. I did all that, got the printer installed in CUPS and printed a test page. It got an error building the PDF. Try to print from any other application, including lp, and it sits there 'processing' indefinitely. Doesn't even throw an error I can track down.

Re:Only root?

[Rich0]

And then you have my $300 workgroup color laser printer that was working great for years until a few weeks ago, and now I can't get it to work with the latest cups...

One of these days I'll get around to getting it working again. Maybe. Until then I guess I'll be using the windows drivers. Ironically enough this printer was pre-64-bit windows and yet its drivers work just fine on 64-bit win7.

Re:Only root?

[waveclaw]

$30USD 'crappy' inkjets or $70USD multi-function fax/printer/scanner are not what you or I would call a printer. Or a fax, scanner, et cetera.

These are Windows OS accessories.

This hardware may not be made by Microsoft or a Microsoft subsidiary, but they are for all intents and purposes just an add on to their existing software product(s). Using a standard does not enter into the design consideration, unless one means MSDN documents.

If Linux, and I do mean the kernel, wants to interact with this type of hardware it has to replicate the functions of the Windows OS the device requires. The observant will be making comments about user-space drivers talking to raw hardware connections at this point. The bitter will mumble about "it's Linux, not ReactOS."

The funny people will just make jokes about dialogs for root access being the distribution equivalent of an IE pwn-my-system pop-up. However, many traditional UNIX user-space processes that talk to hardware have had permissions problems like Linus is complaining about.

Getting lots of little bits of software, each running under their own users and groups, to talk together is annoying at best and horridly bad most the time. Add various users into the mix and the UNIX groups-are-how-you-share model just falls over. Bad permissions, for lp and printer software in particular, appear to be the norm. In one system you have SETUID executables and SETGUID directories spreading like kudzu in the filesystem. Others with equivalent-to-god accounts (oracle anyone?) plus the yellow-sticky with the password getting passed around the office. In another, everything pretty much just runs as root, bypassing any Discretionary Access Controls and screaming at users to put in their keys to the kingdom just to get a photo to spit out of the damn laserjet.

It almost makes one pine for an implementation of Capabilities.

But that still won't solve the winmodem hole. Fuse for printers, perhaps?

Re:Only root?

[Kjella]

Setting up Linux to print to any decent office printer is usually a very simple affair: just find the printer, then select the manufacturer and model from the huge lists provided by CUPS, and off you go. Whether it's an HP LaserJet, a Ricoh, a Xerox, etc., it can print to any of these things. But a $30 piece of shit inkjet? Forget it

Here's a $30 printer that works perfectly under Linux, not that I've tried this particular one. It's more a matter of brand than price, some companies just have shit support and others are quite good.

Re:Only root?

[Grishnakh]

Yes, that's definitely true. HP and Samsung, I believe, are also very good with their Linux support. But the more expensive the printer, generally the better the chances for support, since when you get into Postscript/PDF printers, it's pretty hard for Linux to not support them. But good call on the Epson; I didn't realize that any of the low-end models like that were supported these days.

Re:Only root?

[aztektum]

And if you flip the d and b around a bit, cut the o open and straighten... OMG!

*dons tinfoil hat*

Re:Only root?

[Dahan]

No, Adobe's implementation of PostScript is licensed. The specification itself is not--you can download a copy for free. There are numerous third party PostScript implementations. E.g., many Brother printers have "BR-Script". PhoenixPage is/used to be popular too.

Re:Only root?

[Dahan]

Oh, and is a GPLed implementation of PS, but (AFAIK) you won't find that on an actual printer.

Off-topic side note that I was reminded of when I was thinking of Ghostscript... Artifex quietly dropped their MuPDF GPL infringement suit against Palm a while back. There was a lot of reporting on the original suit, but nobody seems to have paid attention to the outcome. Apparently, Artifex found out that they can't actually license code under the GPL, but then impose additional restrictions on it (like require money) when a big company uses their GPL code.

Re:Only root?

[jrumney]

If you had a real printer you could just cat the postscript to whatever device it was connected to...

You mean like:

crw------- root root 6, 0 lp0

Re:Only root?

[DarwinSurvivor]

It wouldn't be a user-error that would cause that. There isn't a "print" and "firmware" folder, the printer detects the file type. If it's a PDF/PS, it prints it. If it's a firmware image, it installs it. If it's something else, it discards it.

Your point is well take though. I always new network printers posed a security threat, but I never knew just how EASY it is to mess with them remotely until I went through the documentation of ours.

Re:Only root?

[AmiMoJo]

Sounds more like her school bought the wrong one. Compatibility matters.

Re:Only root?

[datavirtue]

Granite! Granite?! When I was a boy we used clay tablets and cylinders.

Re:Only root?

[Raven42rac]

When trying a new distro, I usually judge its usability in how easy it is to install a printer and then print to it. That's generally my canary. And also: http://www.openprinting.org/printers

Re:Only root?

[hairyfeet]

Bah! Spoiled users on the coasts, we had to use our fists! No damned coast to get any herring out of for us, no! We'd just punch the letter by taking different bits of rock to shape the letters and gluing them to our fists with spit! of course this also helped the youngsters to be patient because one badly timed "Is it done yet?" and you were liable to have an E permanently embedded in your forehead!

Re:Only root?

[hairyfeet]

So in other words 'Not our fault, blame the other guy" right? Well let me clue you in...NOBODY CARES, we really don't, if it doesn't work IT IS YOUR FAULT and we don't care about your excuses, its "broken" and we'll take it back or like Linus throw it away for something else. I wonder how long until his kid goes "Dad can't I just have Windows? It works for everybody else and its nice"?

FOSS better wake up and get their A games on or they are gonna be run over like a bug in the windshield of a Mac truck. The future is CONSUMERS in flaming 50 foot neon, this is why Apple is now the biggest company on the planet, why MSFT is better everything on Win 8, and you bring....excuses? nobody cares, and unless you want FOSS to be a niche as teeny tiny as those who will be programming for Raspberry pi you better wake up and smell the future. You think your niche is tiny now? Wait until MSFT announces Win 8 HP is $50 and the triple pack is $100, what few home users you have that aren't zealots will bail because of stupid crap like TFA.

Re:Only root?

[billcopc]

Ahh, another religious wingnut.

A printer is a device whose job it is to deposit ink or toner on a piece of paper, according to instructions fed via a data transport, be it a cable, wireless network, or storage device. Postscript just happens to be the messy protocol Linux printing developers decided to settle with, presumably because, like most other fundamental tenets of open-source software, they couldn't be bothered to target the actual open-source software user's hardware. Same reason we have spotty support for mainstream sound cards, but thousands of obscure network adapters work just fine. Tunnel vision and snobbery.

In practice, over 15 years of using Linux on a daily basis, I've only encountered maybe 20 different network adapters across thousands of machines: Realtek NE2000 clones, Intel PRO 100/1000, Marvell Yukon, and back in the day DEC Tulip. Dare I say, it is more reasonable to support relatively expensive printers the users actually own, than a gazillion cheap NICs that have never been seen outside of Malaysia.

Re:Only root?

[billcopc]

I get what you're saying, and I know the majority of home-use printers have little in the way of brains, just a glorified servo-controller with sensors. That said, if you already have a graphical representation of the document you're printing, it is a simple matter to transform this bitmap into striped data for a printer. Dare I say, before the advent of fancy-schmancy VESA graphics cards and their linear framebuffers, we had to do something similar for any EGA or VGA graphics, splitting our colours out into bitplanes and tiles, since that's how those dumb graphics chips worked.

We could have simple print drivers if there was a common framework to program against. Do you really think Canon, Epson and friends reinvent the wheel with every single device ?

Re:Only root?

[billcopc]

This is yet more zealotry.

If a device has the capability to print, it is a PRINTER.

15 years ago, we were up in arms with WinModems, because these did not work in Linux. Why ? Because instead of implementing a serial interface and their own hardware DAC, they were little more than sound cards with an RJ11 jack. This moved the burden of encoding the audio stream to the host CPU, and why not ? It resulted in much cheaper modems due to ditching an expensive and license-burdened encoder chip. Linux had to catch up, but instead of doing so, people bitched and moaned all day long.

Printers and winmodems do not require the Windows OS. They require device drivers that go beyond what we were doing 15 years ago, but that's where Linux is right now. That's all it supports, and with that misplaced anti-MS sentiment you just love to spread, that's where it will stay, because the last thing a guy like me wants to do is slave for dozens of hours over a device driver that will benefit an insatiable finger-pointer like you.

Re:Only root?

[billcopc]

They still are.

User-space software translates whatever fancy document format into a flat bitstream, suitable for catting to the printer port. Bits is bits, the kernel does not need to bother itself with their contents.

Re:Only root?

[Grishnakh]

I don't know what Canon and Epson do with their low-end devices, but they probably have some kind of proprietary data protocol (over USB, though many low-end printers these days also support Wifi and ethernet), and this could very well depend on the mechanics of the printer. It probably wouldn't be a trivial matter to reverse-engineer this protocol and figure out all the options, though it's probably doable with a USB sniffer and a Windows box. The question is: how many people really want to bother doing this, and have the necessary skills and equipment? And then do it again (even if it's much easier) and again for every different device?

With PS/PDF printers, if the mfgr doesn't want to support the printer in Linux (which is rare for that class of printer), it's pretty easy for someone knowledgeable to figure out how to make it work; generally it just involves sending a standard PS or PDF file to the correct network port or using some similar mechanism. The only difficult part is creating a .PPD file for that printer model that specifies its paper trays, duplexing option, etc. But this is a pretty far cry in difficulty from the above. A skilled coder can probably bang out a PPD file for a PDF printer in 20 minutes, but getting one of those low-end printers to work with no specs is a much more serious matter. Smart Linux users (who are also the ones with the skills to create these drivers if they want) are probably going to generally take the path of least resistance, which is just buying a printer that has good Linux support. They're easy to find and cheap (you can even buy business-class printers dirt cheap on Ebay), and don't have many of the problems the low-end printers have, such as extremely expensive ink, ink drying up, cheap mechanicals that break down after a year, etc.

Too much root is not a good thing

[Toe,+The]

I see this on Macs a lot. If you want to install anything, you have to type an administrator's password.

In theory, that's great. But in effect, you are giving that installer root access. So if I understand correctly, that installer could be putting any amount of spyware (or whatever) into your computer and nearly perfectly cover its tracks.

Otoh, many Mac apps are distributed as disk images, where you simply drag them from the image to your drive, and that's it. No password at all. If you're going to use pre-rolled software, that certainly seems more trustworthy. But of course, it is a lot more complicated of a process for the average user to be able to ever understand.

Re:Too much root is not a good thing

[Trepidity]

Otoh, many Mac apps are distributed as disk images, where you simply drag them from the image to your drive, and that's it.

Yeah, but the typical place you want to drag them to, at least to take advantage of the normal OSX UI, is the /Applications folder, which isn't writable by non-admin users by default.

Re:Too much root is not a good thing

[hobarrera]

That's the huge advantage of software repositories. You give the package manager priviledges, but the OS packages already checked the packages, so it's "safe enough".
Other software (games), can be installed at a user-level, instead of system-level.

Re:Too much root is not a good thing

[dgatwood]

I would argue that for most users, the place they would drag them is into their Dock. Where the Application physically lives isn't that important.

Re:Too much root is not a good thing

[tepples]

The three settings in Gatekeeper are "trust only programs signed directly by Apple" (Mac App Store only), "trust only programs signed with certificates signed by Apple" (Mac App Store and paid developer IDs only), and "trust all programs". Say someone is thinking of buying a Mac today. For how many future releases of Mac OS X do you anticipate "trust all programs" remaining available?

Re:Too much root is not a good thing

[Trepidity]

If you drag from the .dmg volumes that OSX apps are typically distributed in to the dock, though, the dock icon will point to the app inside of the .dmg, and the link will stop working if you ever unmount the volume.

Re:Too much root is not a good thing

[mikael_j]

I've never heard of anyone even trying to do that, the standard installation procedure on OS X is to drag the .App bundle/dir to /Applications.

Re:Too much root is not a good thing

[adavies42]

the annoying thing is it's apparently possible to include a current-user (~/Applications) option in a standard Apple installer package, it's just almost never used. i see it in maybe 10% of the stuff i install....

Re:Too much root is not a good thing

[Deorus]

For as long as OS X remains a Unix system intended for development and content production. This question makes absolutely no sense.

Re:Too much root is not a good thing

[lakeland]

Of course, this is why the Mac App Store is shifting to using jails instead of providing installers / disk images...

Re:Too much root is not a good thing

[sammy+baby]

Otoh, many Mac apps are distributed as disk images, where you simply drag them from the image to your drive, and that's it. No password at all. If you're going to use pre-rolled software, that certainly seems more trustworthy. But of course, it is a lot more complicated of a process for the average user to be able to ever understand.

Too complicated for the average user?

Most of the time, those disk images come with a shortcut to the system applications folder. The folder background will have text saying something like, "To install, drag this (arrow pointing to the application package) to here (arrow pointing to the shortcut)." I have never seen anyone stymied by this.

Re:Too much root is not a good thing

[PhunkySchtuff]

No it still works, and I see this all the time with Skype. You drag the icon to the Dock from a dog (that lives, say, in your Downloads folder).
After you reboot, when you launch the app, OS X will find the dog, mount it and launch the app as if nothing unusual is happening.

It drives me crazy to see all these people running Skype directly off the disk image. I don't know why it's most commonly Skype, especially considering the pretty picture Skype has inside it's disk image showing you to drag the icon to the (alias to the) Applications folder right next to the Skype icon.

Re:Too much root is not a good thing

[PhunkySchtuff]

I see people do this all the time, especially with Skype.
See my post above...

Re:Too much root is not a good thing

[Toe,+The]

They download the image, and then (hopefully) think to double-click on it, but... nothing happens! The program doesn't launch! What's wrong with this stupid thing!?

You've never seen that? Should get out more. :)

Oh, and I've also seen people find the window, drag the one icon to the other... and then double-click the first icon, thus launching the application off the disk image. Mixed results ensue, depending on the nature of the app.

Re:Too much root is not a good thing

[DarwinSurvivor]

Is there an option to trust custom certificates you provide?

Re:Too much root is not a good thing

[dgatwood]

I figured the rest of the sentence would have been obvious from context, but since it obviously wasn't, I'll post the complete sentence. "Where the Application physically lives isn't that important, so long as it continues to do so."

Re:Too much root is not a good thing

[dgatwood]

These days, apps more frequently come in a Zip archive than a DMG, so it's more common to see people drag apps from their Downloads folder to the Dock than from a mounted disk image, but....

Re:Too much root is not a good thing

[PhunkySchtuff]

Yep, I see this too. Or they dump it on their desktop and run it from there or... well, just about anything except actually putting it where it belongs and launching it from there.

Re:Too much root is not a good thing

[donaldm]

On any Linux/Unix system you need to be root to add applications or change configuration files, however there is nothing to stop you adding applications or even changing configuration files providing you as a normal user has the privilege to do so which normally means you can write into any directory owned by yourself. This concept has been available in Linux/Unix almost from inception.

The problem Linus seems to have is he finds that he would like to allow users to add printers without elevated privilege. Personally I don't have an issue with this however if you have a server (and yes a Linux/Solaris laptop/netbook/PC/tablet can be easily made into a server) then you want some control on what printers are added (or not added) to the server. Allowing all users access to change printers can be done, all that is needed is to modify the printer (normally CUPS) program to allow for system and user local printer setup. Of course the modifier would have to be careful not to compromise security.

I see this on Macs a lot. If you want to install anything, you have to type an administrator's password.

In theory, that's great. But in effect, you are giving that installer root access. So if I understand correctly, that installer could be putting any amount of spyware (or whatever) into your computer and nearly perfectly cover its tracks.

You are quite correct a Criminal System Admin could compromise a system, however on any corporate system you have to assume the designated System Admin(s) have some integrity and won't deliberately do the wrong thing. It all boils down to trust. If you don't trust your System Admin you may as well give up on having a computer.

As for giving out the root password to non System Admin users you are compromising your computing system. I am quite sure I will read how "sudo" (or other such division of privilege tool) is the best solution. My answer is "no it is not".

Personally on my machines I never use "sudo" although on corporate machines I sometimes have under my control I only use "sudo" to allow designated users access to tasks specific to their corporate requirements such as specific monitoring tasks which are normally required for professional databases such as Oracle and SAP and only after all requests are vetted by the corporate security team and appropriate change requests have been raised and approved. For people to be allowed "sudo" root access on any machines I control I want the reasons in writing which will be passed to the relevant security team where it normally is rejected.

Re:Too much root is not a good thing

[Eponymous+Hero]

cmon windows user, leave the mac user alone, he's suffering enough as it is. there's no recycle bin, it's called "Trash." you don't delete, you "Move To Trash." i'm surprised it's not called "Gentrify" or something equally/appropriately stupid. and no, he can just put a folder on his desktop (called Applications if he wants) and place all the dmgs there (exes to you).

here's a nickel, kid http://farm1.static.flickr.com/87/240803829_9212773615_o.png

Re:Too much root is not a good thing

[mcgrew]

Linux guy coming to Apple's defense here -- in many Linux distros, there is both "delete" and "move to trash". When you delete something in Linux it's gone. Move it to the trash and it's the same as moving to Windows recycle bin.

What an ass

[MatthiasF]

He could have just added the user to the sudo group and been done.

But no, he had to go harping on everyone on bug lists and social media rants to put people down, even suggesting whoever made the system should die.

What an ass.

Re:What an ass

[Rhacman]

If I understand correctly this in effect would be giving that user root priviledges. I think his complaint was that an ordinary task like adding a printer required that level of priviledge, not that it was inconvinient to do. It sounded like he wanted to administer his childs laptop without giving them free reign over it.

Re:What an ass

[MrHanky]

You don't generally use sudo when installing printers under Linux. You either use the web frontend for CUPS, in which case you're prompted for a password (either root or a user in a printer admin group), or more likely some application in the DE, in which case it's up to the PolKit configuration or whatever arcane nonsense they use these days. And yes, the default policy should be to allow users to add printers.

Re:What an ass

[Hatta]

Why should he have to do that? Why isn't it sufficient to add the user to the 'lp' group? There's no reason that printing should require root access at all.

Re:What an ass

[OzPeter]

Why should he have to do that? Why isn't it sufficient to add the user to the 'lp' group? There's no reason that printing should require root access at all.

Why does an administrator have to add anyone to anything in order to do a commonplace task on a machine that is really a commodity item?
 
Not that I have read his rants but I get where he is coming from.

Re:What an ass

[hobarrera]

This would only prove that OpenSuse if impractical for shared computers, since all users need a root password for ordinary tasks, one of which is bound to screw up.

Re:What an ass

[arth1]

"+1 Stupid"
That's still giving a user superuser access when it shouldn't be required. Why open the barn door?

Plus, it likely wouldn't work. Because chances are that Linus' son sits in the GUI and tries to add a printer there, not using "cups-add-printer" or similar from the command line.

Re:What an ass

[ArcherB]

If I understand correctly this in effect would be giving that user root priviledges. I think his complaint was that an ordinary task like adding a printer required that level of priviledge, not that it was inconvinient to do. It sounded like he wanted to administer his childs laptop without giving them free reign over it.

He was also a bit pissed that you need the root password to connect to a new wifi hot spot. Could imagine the network admin's nightmare of having to give the root password to a salesman trying to give a presentation on the road?

I had the same problem with my Fedora 16 (XFCE Spin) box needed the root password to eject a CD. It really sucked that my file manager couldn't do it unless I ran it as root. I don't even know what the file manager's name to run as root and I shouldn't have to. Of course it was no big deal for me to type in "sudo eject cdrom", but I wouldn't expect the average user to know that. Besides, I shouldn't have to add standard users to the sudoers group just so they can swap a friggin CD out!

Re:What an ass

[arth1]

This would only prove that OpenSuse if impractical for shared computers, since all users need a root password for ordinary tasks, one of which is bound to screw up.

... or will abuse it to spy on others - read their e-mail or check their browser history, for example.

Re:What an ass

[Wrath0fb0b]

Why should he have to do that? Why isn't it sufficient to add the user to the 'lp' group? There's no reason that printing should require root access at all.

Because, in any sane environment, that would require proving that the entier printer-management interface is secure enough not to allow privilege escalation or agent-based attacks. At the very least, that would require a software audit of those components that can be twiddled and probably some pen-testing and/or fuzzing. You can just say "well, this is designed to just let users add a printer so surely it can't be used to do anything else" -- I suppose you *can* say that but you ought to lose your job for that kind of thinking.

We've had large multi-user operating systems for decades now and people still don't seem to understand this basic principle -- if an interface is available to a regular user, it has to be vetted to ensure that it does not allow the user to do any more than what it advertises and that the effects of that are limited to things that the user is supposed to be able to accomplish.

Re:What an ass

[John+Hasler]

If I understand correctly this in effect would be giving that user root priviledges.

You don't. The whole point of sudo is that it gives you fine-grained control over the privileges of each user.

Re:What an ass

[thereitis]

That's the way I understood his argument, too, and I agree with it. I'm not defending the _way_ he made his argument, though.

Re:What an ass

[Tharsman]

That sounds like TSA logic!

Re:What an ass

[icebike]

You don't generally use sudo when installing printers under Linux. You either use the web frontend for CUPS, in which case you're prompted for a password (either root or a user in a printer admin group), or more likely some application in the DE, in which case it's up to the PolKit configuration or whatever arcane nonsense they use these days. And yes, the default policy should be to allow users to add printers.

This is true, but out of the box, there is no printer-admin group in OpenSuse, and no users are added to it by default. You have to remember to do that, as well as 3 or 5 similar group-membership things in order to make a machine "user maintainable" for normal operations. Things like video, wifi, cdrom, all need permissions or are managed by membership in groups that you have to remember to check.

Left unsaid is how old Linus's kid is. Given the parentage, I'm surprised the kid doesn't already have root, not only on the laptop but the school's network server as well.

Re:What an ass

[Isaac+Remuant]

I'm still wondering why a lot of these things feel like only being able to drive a car if you know how the engine works in detail (and more).

Sure, programmers and computer enthusiasts might be able to deal with this sort of thing but anyone else probably will be paralyzed.

Yes, I'm aware there are several distros suiting different needs but the general feeling always seems to be that you need to know one too many things.

Re:What an ass

[DarkOx]

At some point a privileged operation more than likely has to take place. Perhaps Linus should do a little introspection about how his own kernel handles module loading?

I don't use SUSE so I don't know what I am talking about here but it seems maybe the problem is along the lines of their add user script should suggest putting new users in plugdev? Which would let udev(which runs as 0) load the required modules and the default rules would likely make a lp device writable by members of lp.

So it probably is an issue in SUSE but its also most likely a minor oversight than it is a serious flaw.

Re:What an ass

[TheLink]

With the popular Desktop Linux security models would you have enough power to pwn the system if you had the power to add a printer?

Re:What an ass

[Bill_the_Engineer]

That sounds like TSA logic!

It appears you are trying to install a printer I never seen before.

Press OK for exceedingly personal and embarrassing pat down, or READ MORE for a way to just pose nude in front of the web cam, or press CANCEL to order your cavity search online.

Re:What an ass

[tomhudson]

We've had large multi-user operating systems for decades now and people still don't seem to understand this basic principle -- if an interface is available to a regular user, it has to be vetted to ensure that it does not allow the user to do any more than what it advertises and that the effects of that are limited to things that the user is supposed to be able to accomplish.

What a load of horse puckey. This is a kid's computer for school use. Not a system to control an aircraft or nuclear power plant. "As much security as necessary, and no more". Besides, you should always leave some low-level fruit hanging out there as a "canary in a mineshaft" warning mechanism, otherwise you are forcing attackers to put on their best game face.

Re:What an ass

[Tharsman]

Disclaimer: Webcam installation will require full body Xray scan.

Re:What an ass

[softwareGuy1024]

You don't. The whole point of sudo is that it gives you fine-grained control over the privileges of each user.

sudo, is used to run as root. The point is to allow the user to do a quick operation with root permissions, then go back to running as a normal user. It doesn't "give you fine-grained control over the privileges of each user."

Re:What an ass

[SpooForBrains]

Has something changed, because Network Manager allowed user control over connecting to WLAN back in ... er ... 10.0 I think, or one of the 9. series. By default, in fact. I remember it annoyed me and it was uninstalled in short order, but it worked.

Re:What an ass

[ArcherB]

Has something changed, because Network Manager allowed user control over connecting to WLAN back in ... er ... 10.0 I think, or one of the 9. series. By default, in fact. I remember it annoyed me and it was uninstalled in short order, but it worked.

Personally, I'm not sure. I have not done wireless on Linux in quite some time and since I'm usually the only user on whatever system I'm using, meaning I set it up, I don't think twice about having to type in passwords. Being part of the sudoers group means I type my own password. It only becomes a problem when something like the file manager tells me that it does not have the permissions to eject the CD and doesn't know to ask for a my password. The sad part is that I am actually in the "root" group! What other group do I need to be part of? CDROM? Disk? Dbus? I don't know. I'll add myself to all of them and see if that takes care of the issue.

Now, imagine if this were a notebook and I was giving this to our sales rep to give a presentation at a potential customer's site.

Back to wireless, here is Torvald's post:

I first spent weeks arguing on a bugzilla that the security policy of requiring the root password for changing the timezone and adding a new wireless network was moronic and wrong.

I think the wireless network thing finally did get fixed, but the timezone never did - it still asks for the admin password.

And today Daniela calls me from school, because she can't add the school printer without the admin password.

Whoever moron thought that it's "good security" to require the root password for everyday things like this is mentally diseased.

So here's a plea: if you have anything to do with security in a distro, and think that my kids (replace "my kids" with "sales people on the road" if you think your main customers are businesses) need to have the root password to access some wireless network, or to be able to print out a paper, or to change the date-and-time settings, please just kill yourself now. The world will be a better place.

Re:What an ass

[Hatta]

At some point a privileged operation more than likely has to take place.

Why? Chances are the printer is hooked up via the network port or the USB port. I can access network services without root access. And I can plug in other USB devices and use them without root.

Re:What an ass

[chuckinator]

Go in to the linux box you supposedly own and type 'man 5 sudoers'. You can specify which programs a user can run as root with fine grained controls that only allow specific users or specific groups to run only specific programs. It is not an all or nothing tool even if a majority of lazy sysadmins use it that way. If it didn't have that level control, there would be no point in using it over /bin/su.

Re:What an ass

[jedidiah]

Basic system security.

This is how you end up with an OS that's not a haven for malware.

That said: the system should be configured sanely by default. It doesn't have to be locked down to an absurd level. Separating priveleges doesn't require that.

It sounds like Suse needs saner defaults. Although the defaults could have started out just fine.

Re:What an ass

[jedidiah]

Ubuntu does it too.

So does any other Unix that uses some form of sudo.

Re:What an ass

[Wrath0fb0b]

It appears you are trying to install a printer I never seen before.

Or "It appears you are trying to install a printer I have never seen before. OK -- that's fine." Oh wait, this printer driver lets you have raw access to a device that, due to a race condition involving socket creation, lets you overwrite arbitrary memory addresses belonging to other users. Or lets you continue to add printers until you overflow a statically initialized buffer and escalate your privileges. Or .....

The mistake you've made is in assuming without proof that the only thing you can do with this particular privilege is what is intended. That might be true or it might not be, and you won't know until you get some security-trained eyes to take a look at the interface provided and validate that it allows only what it is supposed to allow and nothing more.

Re:What an ass

[softwareGuy1024]

I stand corrected, there is more to the tool than I knew about. However, I still disagree that that is the only advantage over su, which requires you to know the root password, start a new shell, do your command, and exit. Most users use sudo in the manor I described. Why else would most systems ship with an admin group in the sudoer file with all permissions?

Re:What an ass

[Eil]

Incorrect. "man sudoers" for enlightenment.

Re:What an ass

[fast+turtle]

Oh Goody, I can now print out those nuclear warhead plans on my printer in Istanbul and seel them to Iran. Yes it's a bit of a stretch but then, you do need to configure each user correctly when setting a system up. As a sometimes Linux Admin (my own box) I've always added my daily user to the various groups such as root/users/cdrom groups as those are the minimum needed. The only other groups I've found any need for are dbus/usb, games and audio. Everything else gets added as needed when it's discovered that there's a lack of functionality.

Re:What an ass

[chuckinator]

http://en.wikipedia.org/wiki/Wheel_(Unix_term)
Because it's been that way since TENEX (circa late 1960s), and a majority of sysadmins are crusty curmudgeons that hate change. It's just the laziest (and least time consuming) way to give users admin privileges without sharing the root password is add them to the wheel (or admin) group instead of re-writing /etc/sudoers everytime they want to give someone access to that one special command that requires UID 0 privs to run right.

Re:What an ass

30 seconds on Google and you'd have learned this instead of coming off like a fool. I'm not saying this to be mean, I'm saying this because too many posts around here could be confirmed/denied in a few seconds instead of someone talking up crap they don't understand. In and of itself it's normally not harmful but let a few misinformed mods get to the post and it becomes a real problem.

Re:What an ass

[arth1]

Not that Linus reads my posts, but....
For the time zone, I think it depends on whether you try to set a system's localtime or a user's timezone. The latter obviously shouldn't require superuser access, but anything that changes behavior for all users should IMO only be doable by an administrator.

Re:What an ass

[recharged95]

Depends, most business printers and new printers are WiFi connected.

The USB connection is there, but why use it when you can connect via wireless.

And connecting to anything wireless usually requires a passphrase, key... or root.

Re:What an ass

[Bill_the_Engineer]

Whoosh!

Re:What an ass

[Lonewolf666]

Linus has a point. I think an intermediate, pre-defined level of access (higher than normal user, lower than root) might be helpful sometimes. Like the "Power User" from old Windows NT.

Re:What an ass

[Threni]

Who does he think he is - providing feedback and advice about Linux?

Re:What an ass

[lindi]

Joining a wifi network also changes behavior for all users though, and so does "shutdown -r now". I doubt you want to ask an administrator to reboot your laptop :-)

Re:What an ass

IMHO in a truly client-server environment it's the printer's job to grant or deny the access to its paper and its ink. The printer shouldn't rely on the authentication algorithms of the client machines because it can't and must not trust them. So it's ok to be able to attempt connecting to a printer without root credentials.

If the printer is dumb and we have to move security to the clients, then maybe being able to sudo is necessary. Anyway I believe this is a suboptimal arrangement.

Re:What an ass

[donaldm]

Joining a wifi network also changes behavior for all users though, and so does "shutdown -r now". I doubt you want to ask an administrator to reboot your laptop :-)

Joining a wireless network is actually under user control for Fedora 15/16 which is very useful for a Laptop user who has to access different networks without needing the root password. As for shutting down the machine it is a very simple matter to power off a machine if you have access to it. In fact most (if not all) distributions of Linux allow the user to gracefully shutdown their Laptop via a GUI although running the "shutdown" command is still reserved for the System Admin.

Re:What an ass

[donaldm]

You don't. The whole point of sudo is that it gives you fine-grained control over the privileges of each user.

sudo, is used to run as root. The point is to allow the user to do a quick operation with root permissions, then go back to running as a normal user. It doesn't "give you fine-grained control over the privileges of each user."

No "sudo" is a means of adding elevated privilege to specific tools that will be used by trusted non System Admin users. It was never meant to be used as a means of allowing root access to a machine by just entering the user's own password. In many corporate environments using sudo to become root (unless specifically cleared with the Security Group) is a sure fire way of loosing your job.

The best way of using "sudo" is not to use it unless there is a compelling reason to do so (again see my corporate comments). As the System Admin on a home machine you should only use the root password to do System Admin tasks and the user password and the root password should be different.

I am quite sure many people will disagree with what I have said but I have never yet had to back-down on the above comments over the last 21 years.

Re:What an ass

[Zero__Kelvin]

You don't understand sudo , and it absolutely does give fine grained control. You have been using the most simple case, but there is far, far more under the hood. Welcome to Linux!

Re:What an ass

[robsku]

sudo, is used to run as root. The point is to allow the user to do a quick operation with root permissions, then go back to running as a normal user. It doesn't "give you fine-grained control over the privileges of each user."

If you're an asshat and give the user ALL permissions, then yes, they have access to everything. You DO have the ability to give a standard user sudo access to only certain binaries (eject, for example)...one should look into the sudoers permissions manual...good reading.

Not to mention you can also allow user 'katy' to run binaries as 'fred', not necessary as 'root', etc.

Ignorance is ugly, but I understand this guy - I've been using Linux since '02 but only learned about sudo from ubuntu around '06-'07 and thought that it was much more like he now seems to think :) Since that I've tried (for learning) just about any type of configuration settings possible for root and still have some commands allowed without password, some with my regular password and some asking root user password (with different prompt so I know which one is asked) :p

Re:What an ass

[MadMaverick9]

How To Assign Printing Administration Capabilities To Users
CUPS administration
that just took me a minute or so to find these links.

Mr Torvalds - rtfm.

and i for one am happy that this is NOT the default, but that as an admin one has to make a conscious decision to give a user access.

Re:What an ass

[mcgrew]

I was running kubunto on the Acer notebook that got stolen last year and had no trouble logging into any wireless network. It just worked. I'd turn it on at Felbers and was instantly connected to Felbers' network, take it home and was connected to my own. The only password I had to enter was the network password, and then only once, the first time I logged into it. It remembered the network password from then on.

I feel you man,

[Dr.+Tom]

B.S. in C.S., M.S. Psy., Ph.D. in C.S. and B.S.*, and my job is to fix the printer ...

* That's Brain Science, you r'tard

In other news, Linus has a child old enough to install printers on Linux ... I feel old.

I guess it's reasonable ... they use to say, "you're not dating girls until you're 21!"
Now it's "You can't have the root password until you're 21!"

By the way, Linus is right, I usually disable selinux ... a good firewall is fine ..., and
also if your child clicks on an attachment from a stranger, that's a grounding.

Re:I feel you man,

[hobarrera]

Grounding? What kid nowadays cares about going outside. Changing the AP's password is a proper punishment!

Re:I feel you man,

[oldhack]

You related to Dr. Bob?

Re:I feel you man,

[geekoid]

You have PhD in "Brain Science"

what does that mean? I know what you mean by Brain Science, but isn't that normally call Neurology?

By the way, if you had a Ph.D in C.S., you don't need to list the B.S. in C.S.

Re:I feel you man,

[jd]

Huh? Capabilities would offer far more fine-grained control over the degree of punishment.

Re:I feel you man,

[Dr.+Tom]

No internet for a week! I like it.

You can't take away the kid's smartphone, or how else could you track him?
(There is a tool that allows parents to remotely activate their child's smartphone microphone, so they can not only see where the child is, but what he or she is saying. Children: you need an acoustic foam box in your clubhouse.)

Re:I feel you man,

[ChrisMaple]

SELinux is a huge stinking pile. Once it's installed it can't be disabled, claims to the contrary notwithstanding. The last time I tried to disable it, my system wouldn't boot. The advice SELinux gives for overcoming alerts doesn't work more often than it does.

Re:I feel you man,

[Barbara,+not+Barbie]

SELinux is a huge stinking pile. Once it's installed it can't be disabled, claims to the contrary notwithstanding. The last time I tried to disable it, my system wouldn't boot. The advice SELinux gives for overcoming alerts doesn't work more often than it does.

selinux is a mistake, but nobody wants to admit it.

There is a way to disable it, but it's not intuitive. You first off have to change a setting in the configuration, then reboot, and only then remove it. Just removing it leaves you with an unbootable system. It's easier to just say "selinux=0" at the install prompt.

Even then, the kernel still has all the call thunks for it, so while it's disabled and removed from the system, you're still paying for the overhead of an extra function call on many operations. A really bad decision which contributes to bloat, lower performance, and a larger surface for bugs and attacks. But don't tell anyone, because the self-appointed security nazis will accuse you of "not being security-minded".

Disabling it gives you an average 7% increase in performance, same as disabling swap gives you better performance (but again, so many people refuse to believe it because they believe "more swap is always better" when it was never the case, and was also the main contributor to early microckernels poor performance). And for you swap nazis, this is posted from a computer with both selinux and swap disabled, and only 2 gigs of ram ... and it continues to work just fine. Even with firefox, opera, openoffice, gimp, jedit, gedit, and thunderbird all open, it still has a gig free. Heck, even Eclipse won't trigger the OOM process killer.

(it takes some real ram, and some real cpu cycles, to run a memory cache. The bigger the cache, the worse it gets. Just like it takes real cpu cycles and real ram to run swap. The optimum was never even 2x real ram except with systems under 16 MEGS of ram ... dump the swap, you don't need it.)

Re:I feel you man,

[mevets]

I doubt you can overstate the BS in CS.

Re:I feel you man,

[arth1]

There is a way to disable it, but it's not intuitive. You first off have to change a setting in the configuration, then reboot, and only then remove it. Just removing it leaves you with an unbootable system. It's easier to just say "selinux=0" at the install prompt.

True, it's not intuitive, it does require you to read a man page or two.
But most of the time, if you don't want to deal with SELinux, you can easily enough run it in permissive mode, where it will only log violations, not stop things from working:

setenforce 0

That way, if you later change your mind, all you have to do to re-enable it is "setenforce 1", instead of having to relabel entire file systems and reboot.

But why are we talking about SELinux again here? This is SuSE, which to my knowledge uses AppArmor instead of SELinux, unless things have changed recently?

Re:I feel you man,

[vjoel]

(dump the swap, you don't need it.)

...unless you like to hibernate.

Re:I feel you man,

[Barbara,+not+Barbie]

You don't need a dedicated swap partition to hibernate - create a swap file, turn on swap to use that file, then hibernate to it. On resume, turn off swap, then delete the swap file.

Or just don't bother hibernating - suspend to ram instead. But since a LOT of applications leak memory like a sieve, it's better to just reboot instead of hibernating if you have a choice.

Re:I feel you man,

[Barbara,+not+Barbie]

But why are we talking about SELinux again here?

.. maybe because I was replying to a post that mentioned selinux? :-)

Mind you, the way suse is going, soon we'll be talking about it the way we now talk about slackware - "... I remember back in the days when I was running ...." (slackware is pretty much dead, which is a real shame).

Re:I feel you man,

[Hatta]

dump the swap, you don't need it

I tried this on my laptop with a gig of ram. I started losing X to the oom killer once in a while.

Re:I feel you man,

[Barbara,+not+Barbie]

I guess it could happen, but this box is running apache, mysql, sshd, and a few other services, and I really have to work at it to get past 1 gig of ram used. Of course, I could just start kde and watch memory go down the memory hole, and not close firefox every day if I leave the machine on overnight (firefox is a real hog), but I have a habit of closing everything even if I'm just going to be gone for a few hours, and logging out if I'm going out (closing everything but not logging out doesn't free up all the leaked ram that logging out does, and even that doesn't free up everything compared to a clean restart. While part of that could be log file buffering, etc., it's certainly not in the realm of 50 to 100 megs extra - or if it is, that's a design flaw).

Re:I feel you man,

[JonySuede]

It's a different level of abstraction.

In cognitive computing the low level neurological approach is called sub-symbolic while the brain science approach is more symbolic/functional (like a symbolic algebra, not like a symbolic dream).

Currently good results are obtain by combining the two approaches, to learn more go read some papers from the ACT-R community...

Re:I feel you man,

[YoopDaDum]

Of course, I could just start kde and watch memory go down the memory hole

KDE session running on a fixed workstation since about one month here, just locked at night. Memory used: just below 1 GB. And it's not even a recent KDE, it's Debian stable 4.4 version. It's anecdotal, sure, but on a fairly recent machine the "bloat" from recent DEs seems more a perceived than an actual problem.

Re:I feel you man,

[Barbara,+not+Barbie]

KDE session running on a fixed workstation since about one month here, just locked at night. Memory used: just below 1 GB. And it's not even a recent KDE, it's Debian stable 4.4 version. It's anecdotal, sure, but on a fairly recent machine the "bloat" from recent DEs seems more a perceived than an actual problem.

You're seriously leaking memory. Just for fun, I'm running the latest gnome (in fallback mode - removes the ui suckiness and some of the bloat, and is much more responsive), and have firefox AND thunderbird AND opera AND jedit AND gedit AND openoffice AND mysql AND sshd AND apache AND eclipse AND ftpd AND a few other services running - and STILL less than 750 meg used. I could save even more by using LXDE.

And remember, this is with nothing swapped out to disk (no swap partition, no swap file).

Log out of your session, wait 10 minutes, and see how much free memory you have - you won't ever recover it all. Reboot, log in, and see how much less you're using. The quality of most programs today is so poor that a daily reboot should be de rigeur. And before anyone starts whining - go download the bsd ports collection, and compile all that software - much of it gpl, and look at all the error messages you get because people do invalid pointer conversions, comparisons that always yield true or false, etc. The "many eyes make all bugs shallow" is itself a shallow argument - it misses the fact that nobody is even looking because it's more fun to add new features than it is to fix bugs.

Re:I feel you man,

[YoopDaDum]

I don't need to look for leaky applications: I have acroread opened ;). With many large PDFs and I rarely close it, as it's convenient to keep these documents quickly accessible. It's the top memory user (no surprise) and nothing should leak more than this really. Even that is not bad enough that I bother, or I would use another reader (acroread rendering quality is still a bit better on my set-up. I guess I'll be able to dump it with wheezy). I close it every few weeks or so and it's ok. KDE plasma is a distant second and I never bothered closing the session just to recollect memory. Kernel upgrades happen often enough to deal with this.

The workstation is a couple years old and has a Xeon with 3 memory interfaces, so it's fitted with 6 GB (3 x 2 GB). It was not high end when bought. No swap either, and plenty of services (apache, sshd, NFS...). The other apps I open and close regularly. My 5 years old laptop has 2 GB of RAM, and I don't need to care either (but I shut it down more often).

I completely understand people on older machines with smaller RAM who want to limit memory usage, and it's very good alternatives exist. But on a reasonably recent PC that is not a netbook memory usage is not so much a practical concern as an annoyance for people who like a tight ship I'd say. Which I can understand too, but it grates instead of hurt.

Re:I feel you man,

[Barbara,+not+Barbie]

Acroread ... biggest memory hog .... sounds about right :-)

You would not believe how much static I got arguing that swap is totally unnecessary nowadays. People are arguing that no matter how much ram, you should always have 2x swap. So when I point out that you can set up a box with 64 gigs of ram for under $1500 ...

Especially now that even spinning rust disks have their own implementation of the elevator algorithm (so we could dump that extra code as well), and much larger caches than in the past ...

"But memory that isn't used is wasted." So what - use less, don't bother searching it, and you can have the machine either slow or completely turn off the parts that aren't being used.

Re:I feel you man,

[bingoUV]

perl -e '$zero=`cat /dev/zero`'

You are welcome

No he didn't

[PatDev]

Maybe it's a nitpick, but if you employ quotation marks, you are denoting one of two things - sarcasm or direct quotation. Given the context, it does not appear to be sarcasm. RTFA shows that Torvalds did not use the words "too intrusive".

Sure, it's one somewhat questionable paraphrase of what he said, but to use quotation marks there is dishonest. His complaint was not even over the amount of effort, but rather of whom the effort was required. That is, non-root users were being required to know the root password for routine tasks.

Re:No he didn't

[fahrbot-bot]

Maybe it's a nitpick, but if you employ quotation marks, you are denoting one of two things - sarcasm or direct quotation.

I didn't see the sentence to which you were referring, but quotes can also be used for other reasons like signaling unusual usage:

Crystals somehow "know" which shape to grow into.

or referring to the word itself rather than its associated concept (see link above):

"Cheese" is derived from a word in Old English.

There are references other than Wikipedia out there as well...

Re:No he didn't

[PatDev]

And just to shake up the traditional Slashdot vibe...

Your citation was helpful. Thanks for the correction. I was wrong to incorrectly mention only those two uses of quotation marks.

That said, wikipedia lists the following correct uses:

• direct quotes
• irony (I called it sarcasm)
• unusual usage (as mentioned by parent)
• use-mention distinction (as mentioned by parent
• titles of works
• nicknames and false titles (Nat "King" Cole)

It also mentions the incorrect, but increasingly common amongst the un- or insufficiently-educated, usage of quotes for emphasis ( "No" food or drink in the theater).
That said, none of these categories explain the use (I was referring to the title) of quotes around "too intrusive". Context clues still indicate to a reader that this is a direct quote, but he did not say it.

Re:No he didn't

[adavies42]

That said, none of these categories explain the use (I was referring to the title) of quotes around "too intrusive". Context clues still indicate to a reader that this is a direct quote, but he did not say it.

someone (either Unknown Lamer or jfruh, i suppose) probably picked it up from newspapers, where it's mostly a libel shield: "Celebrity X 'abusive'" is a much safer headline to print than "Celebrity X abusive". It's supposed to be a quote from a statement referenced in the article, though, so this was definitely not a correct instance of that use.

My hypothesis...

[brennanw]

Linus Torvalds is the Harlan Ellison of Linux.

Re:My hypothesis...

[Anomalyst]

Ne wave OS
"I see a man using Linux and Linux is biting his leg"

Re:My hypothesis...

[jedidiah]

Why? Is he shaking down anyone for money or credit for a lame idea he had 30 years ago that someone else did a much better job with?

Does he actively campaign against "doing stuff for free" even when that loss leader activity might actually get him more work in the future or improve his standing with fans?

I'm having trouble seeing the parallel there.

Ironic

[Kamiza+Ikioi]

But... G+ is a ghost town? Just yesterday, people were saying, oh, gee, why would I even be interested in G+? Now /. is pulling stories directly from there.

Mmm Hmmm...

Re:Ironic

[ohnocitizen]

Just from Linus's feed. Google+ is becoming more like Twitter than Facebook. Just a few users talking to the masses, rather than a ton of users talking to each other.

Linus is on Google Plus?

[heptapod]

Dude, he must be having some epic conversations with Wil Wheaton!

Thanks for reposting him on Slashdot otherwise no one else would've seen it.

Re:Slow news day?

[MightyMartian]

It's a strange complaint seeing as how even with Windows, to install a new print driver, you have to have admin permissions or know the user id and password of a user with admin permissions. You can add all the printers you like providing the driver is installed, and it's no different for Linux distros.

if Torvalds kid is smart enough to use

[FudRucker]

linux on a laptop he should be smart enough to be able to responsibly know and use the root password, he is Linus Torvalds kid for gosh sakes!

Re:if Torvalds kid is smart enough to use

[msobkow]

More to the point: if it's the kid's laptop, why don't they already have the root password?

It sounds like "Dad" is being a bit too controlling about the computers in his home, not that the security is excessive.

Re:if Torvalds kid is smart enough to use

[inode_buddha]

Yeah he can be a control freak, but in a way I can't blame him. Can you just imagine how many black hats would like to get into Torvalds home LAN? Consider also that the man is pulling over 250 thousand $$$ per year wouldn't somebody like to sniff his network?

Re:if Torvalds kid is smart enough to use

[jovius]

Maybe the kid actually knows the root password but she phoned daddy to complain about having to enter it every f'ing time.

"And today Daniela calls me from school, because she can't add the school printer without the admin password."

The problems kid have nowadays...

Re:Slow news day?

[hobarrera]

He has the knowledge to do the above, but he dedicates his time to developing the kernel, instead of configuring user-level stuff like printer installation UIs and stuff like that. He just relies on some distro, with it's general packaging of software, etc. This time, he just hit one with an anoying habbit of asking for a root password every five minutes. Lots of people can tweak it so it doesn't do that. But moving to a distro with saner defaults is just faster, and more efficient.

Geeze, what a drama queen!

[euroq]

From Linus's post,

So here's a plea: if you have anything to do with security in a distro, and think that my kids (replace "my kids" with "sales people on the road" if you think your main customers are businesses) need to have the root password to access some wireless network, or to be able to print out a paper, or to change the date-and-time settings, please just kill yourself now. The world will be a better place.

This sounds like a post from an anonymous coward on Slashdot!

Re:Geeze, what a drama queen!

[SomePgmr]

Then I'm going to have to start browsing at 0, cause that shit is dead-on.

Re:Geeze, what a drama queen!

[Lawrence_Bird]

not only a drama queen but pretty foolish too. A business laptop should be locked down. If a user is going to need certain external hardware than it should require an administrator to verify why and do what ever is required for the install. Basically Linus is saying 'if it is inconvenient it should go!' Instead of moaning he should just use a distro with looser standards and not cry about one that is intentionally secure.

Re:Geeze, what a drama queen!

[gnapster]

A business laptop that is carried five states away to deliver a million-dollar presentation should not have any security barriers that would jepordize that presentation. I would count "Contacting IT back at our headquarters so I can use the WiFi" as just such a barrier.

Clearly, then, this is not the Year of the OpenSUSE desktop.

Re:Geeze, what a drama queen!

[Lawrence_Bird]

If you and your IT dept. did not consider these things before doing a million dollar presentation you deserve to lose it.

Re:Geeze, what a drama queen!

[gnapster]

Fair enough. But the point is that when me and my IT department are considering these things, we will opt for Windows XP over OpenSUSE.

Why all this echo on /. ?

[everslick]

C'mon, all this buzz about a 4 line post on G+ ? It's not even silly season yet.

Re:Slow news day?

[geekoid]

bu the point is, you shouldn't have to. Think about wider distribution, say.. 500 machines.

Re:Slow news day?

[Bill_the_Engineer]

You insinuate that somehow his time is more valuable than anybody else's. Also there is push back from the OpenSUSE community that insist they like the current security defaults. Anyway I'm pretty sure he wasted more time writing his little rant than it would have taken to make it where his son could use a printer.

One could speculate that he is just demonstrating the consequences of not taking all of his opinions as gospel and giving it the upmost priority on bug tracker.

Printing?

[JustAnotherIdiot]

Back in my day, we copied pages by hand that we needed our own copies of. You're all a bunch of spoiled, lazy brats!
Now if you'll excuse me, I have a hill to go up in order to get home.

Re:Printing?

[w_dragon]

The same hill you came up to get here?

Re:Printing?

[JustAnotherIdiot]

Haha, I'm glad someone caught it.

Re:Slow news day?

[Bill_the_Engineer]

bu the point is, you shouldn't have to. Think about wider distribution, say.. 500 machines.

I assume you would make a custom distribution with SUSE Studio and install it on all of your machines.

Re:fris7 p5ot

[Isaac+Remuant]

The link between brackets notes that you're a bunch of years late for that joke. Don't worry, you can still be original by copying a recent troll post.

Remote ejecting

[tepples]

I shouldn't have to add standard users to the sudoers group just so they can swap a friggin CD out!

Should someone be able to eject the CD that you're using while remotely logged into your computer using SSH?

Re:Remote ejecting

[w_dragon]

If that someone has a valid user name and password, and you leave ssh open on your laptop, sure. Why not?

Re:Remote ejecting

[Desler]

And how often does a typical user have someone SSHed into their laptop? I'm betting next to never so the defaults should reflect that.

Re:Remote ejecting

[lindi]

/usr/share/polkit-1/actions/org.freedesktop.udisks.policy

has

<action id="org.freedesktop.udisks.drive-eject">
...
      <allow_any>no</allow_any>
      <allow_inactive>no</allow_inactive>
      <allow_active>yes</allow_active>
...

to make sure that remote SSH users can't eject your CD but local users can.

Install printer just for me

[tepples]

You either use the web frontend for CUPS, in which case you're prompted for a password (either root or a user in a printer admin group)

Why can't each user have a separate set of printers and a separate printer admin group to manage his own printers? "Install this application or device just for me" is something that a lot of these multiuser operating systems have tended to neglect.

Re:Install printer just for me

[jedidiah]

Having a new printer configured for only a single user is a pretty stupid idea actually. That's bound to annoy everyone else that uses that machine.

Re:Install printer just for me

[icebike]

That's bound to annoy everyone else that uses that machine.

Which, in the case of a personal laptop, amounts to the null set.

But lets assume you actually have a multi user machine.
So what if I have to install the drivers for a printer that is near me on the network, and some other user has to install drivers for a printer near them, and all the drivers are specific to the user?

Isn't that what ~/bin is for?

The security model for Linux as a multiuser machine is getting in the way of its actual use pattern. And if Linus Torvalds can see this, why can't you?

Taliban ways...

[Isaac+Remuant]

BZ: +Linus Torvalds I've got to disagree about the connecting to other networks. We have students that connect to other networks to bypass our internet filtering. It makes it a pain, because they neglect to reconnect to our wireless before logging off. Then other students can't log on or can't connect to their server shares.

Linus Torvalds - +Blair Z: if you want to restrict people from doing everyday things, make that the uncommon option, and add a checkmark for it.

Don't force your taliban ways on everybody else.

smooth.

Re:Taliban ways...

[Rich0]

Better still - why not make network interfaces configurable per-user. If one user account messes up the network configuration, those interfaces aren't visible to any other account on the system...

Comment removed

[account_deleted]

Comment removed based on user account deletion

Printer DoS

[tepples]

Because just because a user has one of 100 shell accounts on a machine shouldn't entitle the user to waste the paper and ink of all the printers connected to the machine.

Re:Printer DoS

[cmdrbuzz]

One of 100's of shell accounts.... with all the printers connected....

Its a laptop! And you wonder why Linux isn't that widely used outside of geeks...

Sensible defaults would help!

I don't understand the problem

[dnaumov]

Installing additional hardware on a computer is most definately a function that SHOULD require administrative priviledges on a computer. Sounds like "working as intended".

Re:I don't understand the problem

[Plekto]

Actually, that's not entirely true. Modern printers usually have a control interface application that tells you how much ink is left and what print options are set and so on. Also, they talk back to the typical application in order to make sure that page settings are correct and that your preview function isn't just it hoping for the best. This is especially true of photo printers, which have a whole set of software running to make sure that your settings are properly calibrated when you scan and/or print.

Working as designed, and in fact, no different than, say, installing a sound card, which has its own software and drivers that go with it. How is the OS supposed to know that it's a legitimate driver and not some virus? I'd rather have it be too careful than take Windows approach of everything is fine unless it hits me upside my head and mugs me.

Besides, bitching about a printer just shows how insular people like him have become after all of these years. Perhaps he should just go buy an IPad and wheel himself into the retirement home.

Re:I don't understand the problem

[Mjlner]

Installing additional hardware on a computer is most definately a function that SHOULD require administrative priviledges on a computer. Sounds like "working as intended".

Except that connecting your computer to a printer is not installing hardware. Root privileges are only there to protect the integrity of the file system and operating system. If you have physical access to the computer, you already have the possibility of smashing it to smithereens, or compromising the security.

There is no reason why a properly implemented printing system should be potentially harmful to the OS. The most dangerous action of installing a printer is connecting the USB cable, which could potentially fry your computer if the hardware is malicious. Requiring root privileges will not protect you against that. After that, a properly implemented printing system is a greater risk to the printer than the OS. Requiring root privileges actually makes the printing system more potentially harmful than it needs to be. Period.

When commenting the opinions of one of The Giants, always think twice before clicking submit. There's the remote chance that they actually *are* smarter than you, no matter what you think.

Re:I don't understand the problem

[Rich0]

I disagree - why should installing a printer have to be a system-level function? You can install an extension in firefox without root, but it only impacts your personal use of the application. Why can't printing be any different? Why can't networks be any different?

Sure, nothing wrong with having a set of system-level printers or interfaces. However, let users add to them in a way visible only to themselves.

As far as networks go - I'm not sure why network interfaces should have to be defined at a system level. Why shouldn't each user be able to have their own set of interfaces, and a routing table to go with it?

It seems like a more Plan-9-like solution would help here. In Plan 9 there really isn't a root per-se - there is the default configuration that everything inherits, but then every process is free to deviate from it. A process in Plan 9 can replace /bin/bash if it wants to, as long as it does it in a way that no other process sees.

Re:I don't understand the problem

[Reservoir+Penguin]

It is installing hardware in the most literal sense. Just because it's connected over their air and not by a wire does not make it any less so.

Re:I don't understand the problem

[Reservoir+Penguin]

OS level container virtualization solves Linus's problem. Create a container for the Id and let him play admin it it.

Re:Slow news day?

[dreemernj]

I haven't done much configuration of desktop distros. Would OpenSUSE have a policy option like Windows does where you can grant install privileges to non-admin users for different types of device drivers?

Who mounted the CD?

[tepples]

only the person who mounted the CD should have permission to eject the CD.

I agree with this sentence, but I still need clarification: If two people are logged into a computer, and a CD is inserted, and the CD is mounted automatically, who mounted the CD?

Re:Who mounted the CD?

[Per+Wigren]

If two people are logged into a computer, and a CD is inserted, and the CD is mounted automatically, who mounted the CD?

The one with the currently active desktop. Or maybe all local users should be able to unmount/eject it by default but require sudo/root for remote logins.

Re:Who mounted the CD?

[reasterling]

The one with the currently active desktop.

Are you sure you understand how X works? In a linux environment multi user truly means multi user, even X can be run from a single host to multiple servers (multi user with multiple active desktops). Neither tieing the cdrom to a single user nor requiring root access are a solution to this situation. This should be handled by having a service that manages drive mounting and unmounting on behalf of all users. When a user request that the cd be ejected the service should know who (read, which programs) is accessing the disk and respond accordingly. A message to the user who has the disk locked so that they can tell the service yes or no unmount the disk. Perhaps it needs an overide option, and let the users learn to play nice with each other.

Re:Who mounted the CD?

[Per+Wigren]

Yes, I know very well how X works but I also know how most users think and how they expect their computer to behave. Regardless of technical difficulties and underlying OS design it's a UI problem that should be solved at least for the by far most common usecase; when running a one-user-at-a-time desktop environment on the local computer.

Re:Who mounted the CD?

[lindi]

ck-list-sessions supports both X and console sessions. At least here it seems that only one of them is marked "active = TRUE" at any given time. For example if I hit ctrl-alt-f1 to switch to the first virtual console I see how the output of that command immediately changes.

Re:Who mounted the CD?

[donaldm]

only the person who mounted the CD should have permission to eject the CD.

I agree with this sentence, but I still need clarification: If two people are logged into a computer, and a CD is inserted, and the CD is mounted automatically, who mounted the CD?

Does it matter? If a CD is mounted and a user is accessing the device it is difficult to un-mount. In a corporate environment (ie. server) normally root mounts the CD for specific tasks and then un-mounts it when finished. For a home Linux machine (ie. laptop/PC) the "eject" command will actually eject the CD and you don't have to be root to do this. Of course this won't work if someone or their application is accessing the CD mount point.

For Linux and some Unix machines you can run "lsof" on the CD mount-point to find who is actually using the CD.

Re:Who mounted the CD?

[donaldm]

Are you sure you understand how X works?

Mounting a CD drive or any mountable device for that matter has nothing to do with X11.

Re:Classic Angry Freetard

[Barbara,+not+Barbie]

It's not just the latest "glitches" that have caused people to abandon suse. 12.1 is buggy. Everyone I know who I switched to suse a few years ago is now looking for an alternative.

I suspect it has to do with them renewing their deal with Microsoft (another $100 million in "certificates" until 2015) so they don't feel so "hungry" about fixing bugs and keeping it generally usable.

Between Canonical throwing its Ubuntu and Kubuntu users under the bus, Suse just not "giving a sh*t" any more now that Novell isn't their owner, and Mandriva flirting with their second bankruptcy, there's going to be plenty of distro-hopping over the next few months.

Oblig XKCD

http://xkcd.com/416/

Try Minix32

[BarbambiaKirgudu]

Inspired by: <troll> Try Ubuntu </troll>

<troll> Try Minix 3.2.0 </troll> (humor).

Re:Slow news day?

SUSE Studio

SUSE Studio? Didn't Phil Collins write that song?

Sigh...

[TheSkepticalOptimist]

...that is what happens when a million monkeys write an OS and all think they can do it better then the next one.

Re:His daughter is probably more mature than him.

[jsternberg]

It's called hyperbole.

Now I'm not Linus, so I can't say for certain, but I'm pretty sure he's not telling them to really go kill themselves. He's ranting on a social media site about a security policy that annoys him (and frankly, I agree. Requiring a root password to add a printer or change the timezone may be going a bit far for a non-server machine).

This isn't some carefully thought out philosophical post about the uses of the root password. It's a rant filled with hyperbole that only turned into a news story because Linus Torvalds said it (a guy who is known for using hyperbole very often to make inflammatory remarks).

I'm also pretty sure he didn't start ranting to his daughter. The conversation probably went, "Why is it requiring the root password for that?" "I don't know daddy." "Ugh, here's the password. *silently grumble*"

Re:Classic Angry Freetard

[Plekto]

You can count me in as one of them. Not to be a fanboy or anything, but I've been playing around with Mint and it's surprising at how it works without having to pull your hair out. Well enough out of the box that the learning curve is easy enough for my teenage son to figure out. I introduced him to it as his first *IX environment and he's adapting almost as quickly as he did when he first got his hands on my grandparent's Apple.(talking about new user to comfortable in a few *days*) It even auto-detected and configured itself to my network in 5 seconds flat. Sound, video, USB, the works - done and done.

But it's not just Mint. The amount of innovation that is going on in the latest distros (just this last year or so) is incredible. To the point where there are plenty of alternatives that even complete with Windows for once. Especially when a 13 year old kid can DIY and get it right in a single afternoon.

Suse is kind of in a hard place now as distros go. It's well off of the curve code-wise and is looking terribly dated. Of course, there's the whole GUI-hate issue because most of them now suck or are trying to look like an iPhone (not all progress is good, though, especially in the interfaces), but that's an entirely new series of rants... Thankfully you're not stuck there, either, with half a dozen major ones to chose from.

Re:His daughter is probably more mature than him.

[Beelzebud]

His statements reek of someone who never has anyone call them on their bullshit.

Devices shouldn't require root access

The real problem here is that devices in general which the user can muck with (USB devices, plugged in printers, network devices of all sorts for normal user activity) should not need to be run in a privileged mode.

Problem would then be trivially solved.

Why are printer drivers privileged?

[Animats]

The real question is, why are printer drivers so privileged that "root" access is required? I assume they're no longer in the kernel; that's so last-cen. So why aren't they just applications in some directory owned by the "printer" user and managed by some utility that runs as that user?

fine grained?

[avgapon]

You don't. The whole point of sudo is that it gives you fine-grained control over the privileges of each user.

I wouldn't call it fine grained.

Re:fine grained?

[robsku]

RTFM

permissions are too binary

[Khashishi]

Being physically in front of the computer should grant certain privileges (unless overridden), like mounting plug-in devices,

Re:permissions are too binary

[Rich0]

I would generally agree, but perhaps with the limitation that those devices should only be visible to the user who mounted them.

The bugzilla report in question

[MetalliQaZ]

I think Linus is referring to this bug report in his rant:
https://bugzilla.novell.com/show_bug.cgi?id=731812

Re:The bugzilla report in question

[MetalliQaZ]

Wow, that bug has some crazy stuff. Linus is probably right, but has quite an attitude...

You're a distribution. Your *ONLY*GOAL*IN*LIFE* should be to make something
that works.

If you say "We ship shit, so you need to be an expert and fix it up in order
for it to be usable", you have failed at your job.

And seriously, that is exactly what you said.

Wild goose?

[dutchwhizzman]

African or European?

Re:Slow news day?

[canistel]

It's not about "wasting time writing a rant", it's about encouraging discussion, getting the problem recognized by a bunch of different people, and fixing problems across a bunch of distros, one of which is opensuse. And yes, not all programmers are equal; his time is more valuable than many other's, maybe even yours; get over it.

Re:His daughter is probably more mature than him.

[euroq]

Totally agree. I get angry. When I was a child, it was worse, and I had tantrums. When I was a teenager, it got (a little) better. When I was in college, when I had my first job, etc. I'm at the point where I would never write such putrid vitriol. It's probably because I've been humbled enough (even though I'm really smart) to reign in my emotions when confronted with inferiority because I myself am not perfect. The fact that he's an older man writing with that language reeks of someone who hasn't had many experiences of being humbled... i.e. someone never calling his bullshit. If you just saw that last part independently, you'd probably presume it came from a snarky little teenager written on an internet forum.

Much ado about nothing

[Cherubim1]

I'm tired of hearing about Linus' inane ramblings about what's broken with various linux distros. It's not llike the guy sets the standard for distro design since he only developed the base kernel. Printers should be installed by administrators and not clueless end-users who will mess things up so it makes perfect sense to give printer installation and management to a higher priveleged user.

Re:Much ado about nothing

[Bronster]

Talk about inane. I guess you've never taken a laptop somewhere with a different printer and wanted to .... I dunno, "print" something?

not the whole point of sudo

[spidr_mnky]

I can't speak for developer goals, but that's not why I use it. I use it so that I never have to have a root shell open, which I might carelessly leave open, which is a small (depending on context) security vulnerability, and a large safety problem, since I could (again, carelessly) type the next few commands as root by accident.

Anyway, making any program setuid root increases the chances that anyone that can run it could get unlimited root access. sudo in particular has a history of problems with the "limited access" use case. It tends to give away more root than you might think, especially if the user is inclined to persist at trying to get it.

I'll grant that if you trust someone not to try to exploit your system, but you just don't think they need full root access, sudo is a convenient way to give them just what they need. I disagree that that's the "whole point", though. My policy is not to give out sudo privileges (however limited) to anyone I wouldn't trust with full root access.

iPadBook and Apple TV 3

[tepples]

You make a good point. So let me rephrase: How long will Apple continue to sell Mac computers for home use, such as the MacBook Air, Mac mini, and iMac, before replacing them with iOS devices such as the iPadBook, Apple TV 3, and televisions with integrated Apple TV 3? Such a move would push "development and content production" toward the MacBook Pro and Mac Pro.

Neglecting ~/bin

[tepples]

everyone else that uses that machine

Which, in the case of a personal laptop, amounts to the null set.

In a lot of home environments, it isn't a personal laptop as much as a laptop on which mom and the kids take turns. I've seen this happen in two households within my extended family. So in this case, even a laptop is likely to be a multi-user machine.

Isn't that what ~/bin is for?

Then let me rephrase my comment: Multiuser operating systems' package management facilities have tended to neglect ~/bin. For example, notice that only a sudoer can usefully run Ubuntu Software Center.

The security model for Linux as a multiuser machine is getting in the way of its actual use pattern. And if Linus Torvalds can see this, why can't you?

There are two ways to implement the behavior that Linus seems to want on top of his security model. One is "install printer just for me" (driver goes into ~/bin); the other is "any user authorized to log in locally can install printers for all users" (printer admin group model). Which is better?

Fast User Switching

[tepples]

active desktop

For one thing, I thought we were talking about Linux, not Windows widgets :p For another, how do Linux and X implement Fast User Switching? However it works, there's probably a PolicyKit recipe that implements the desired behavior.

Distinguishing the use cases

[tepples]

Its a laptop!

Yet it runs the same operating system as a workstation-server. How should the installer distinguish these use cases without presenting excessive questions to the user at install time?

The old saying goes ...

[Rambo+Tribble]

... "One man's music is another man's noise." I'm not sure but what this feature might not warm the heart of many an enterprise admin struggling to enforce security in an environment of sprawling attack surfaces and wildly proliferating attack points.

Linux sucks

[byrtolet]

Yes, Linux sucks, sometimes a lot. It also has some really good stuff.

The problem is that some people realise that linux sucks just after Linus realizes. That's sad.

Re:Slow news day?

[hobarrera]

Nope, I insinuate that he doesn't want to bother configuring these things, much like many other users don't want to, even though he *could* if he wanted to.

quote from a book

[MadMaverick9]

In general, the difficult periods of life provide the best opportunities to gain useful experiences and develop inner strength. In America those members of the younger generation who have such an easy, comfortable life often find it difficult to face even small problems. They immediately start shouting

I don't want to be around, when Mr Torvalds has to face life's real problems.

I often agree with Linus, but this time he's wrong

[funky_vibes]

The Admins are also wrong,

Unix security isn't just a topic of discussion and a bunch of tools, it's a set of rules and assumptions that thousands of people seem to agree upon.

* There are 2 security levels: root and user.

* A user cannot do things which could harm any other user or the system.

* Harmful behaviour is defined by root. It's a chain of trust like so: everyone else -> root -> user
    (root guarantees to the rest of the network that they will not, and will not allow users to do anything bad)

* Changing system configuration is always defined as harmful behaviour

* The user who administers the system also has a root account, which is used with more care than their normal account.

* Installing hardware is per definition changing the system configuration and always requires root access.

* In a different world, it'd probably be logical to filter all except local network access by users as well, since only the admin can really be liable. But in todays internet where nobody seems to be liable for anything, we can safely ignore this restriction.

Things have changed since then, and the "system" is nowadays a portable computer where the only user is also the admin. And any case where the user isn't given a root account as well, in effect *reduces* security, since otherwise the user will just put the system-sensitive stuff in their home directory if they can.
Still, there's a very good reason for at least 2 different security levels, it means the system can protect you from yourself, using your own guidance.

Now, the topic of printers; printers are hardware devices, but don't always need installing to be used.

If your printer is a network printer, and all you require is sending it postscript/pcl/pdf via a network protocol, and your user has unhindered network access. No hardware installation is necessary, and printing requires the same privileges you enjoy while sending e-mail.

If your printer is a usb/parallel device and your operating system already knows how to talk to it, in theory you could by default allow any user to access it. But it would be a very stupid default since it cannot be known which users on the system should have access to it, this is best left for root to configure correctly.

If it's a winprinter (a printer which requires a program from a manufacturer) and connects via usb/parallel, it would most definitely need root to install, since only the admin can make any kind of correct judgement in this case.

However, I don't see a reason why a network connected winprinter should need root privileges (although it's very rare to find such installers) and print systems aren't pre-configured this way, nothing is stopping *you* from doing it right now on any fairly ordinary system.

Printing hardware is nowadays unique, in that most printers adhere to standards which has made it possible to seemingly "install hardware" without configuring a system.
People who think it should always "just work" aren't considering all the security aspects.
What if your attacker, an industrial spy, plants a rootkit on your printer? that'd compromise all printed documents from other user accounts as well.
Actually, strike that. Never trust a network, not even your own, and you're safe ;)

You can draw your own conclusions or you can take mine: They were wrong not give Linus' girl a root account on her laptop, but Linus is also wrong to demand system configuration without a root account.