I think the executable bit is a simple "attribute" that everybody seems so gung-ho on adding to file systems. In my opinion that is going to be as safe as the file-naming scheme used on Windows and it is annoying that there are so many claims that filesystem A will clobber B because it has attributes.
Is the execute bit the end-all-to-beat all? Absolutely not. It is a damn helpful tool though.
You're right on the file-only level though only partially. The difference for file systems has quite a bit of impact, and that's the reason Unix has had the execute bit for decades. Other new attributes (see Reiser FS for examples) are being added for future enhancements.
Think of it this way; knowing who or what created a file is an invaluable way of identifying who to talk to or if it's OK to erase or move something. File attributes -- linked to the user or group -- allow for even more control before the fact instead of after it (might be) too late!
Setting attributes can easily provide a way to have security and ownership details automatically be inherited across sets of files -- many that may not even exist yet.
With the execute attribute, simply copying the file to the disk doesn't make it executable. With the tendency of Windows to hide the extension from the user, it is much easier to socially engineer these clickable hostile programs. If it says it is a picture, why not click it?
So really, if you drank nothing but fresh and clean, pure water from day one, you'd have awful and horrible teeth. Ask your local dentist about the benefits of fluoridized water if you don't believe me.
I've had cavities during two periods of my life; one during childhood, and the second in my late 20s after drinking only bottled water. My girlfriend at the time also started to do the same, and ended up with a cavity too. We both drank bottled water instead of tap water for a few years before either of us had cavities.
The lack of fluoride might not have been the reason, though I haven't had a cavity since I've allowed myself to drink tap water. FWIW...
Unix's privilege separation wouldn't prevent something like, say, trashing all the user's files - files that are usually more important than the easily restored operating system. Don't be fooled into thinking that even Unix does security right.
Another thing...the program would likely be killed when the user logged out. Not necessarily, though that would be another hoop that a silent Unix virus would have to deal with.
Could you elaborate on this a little? From what little I understand of permissions in *nix, this might prevent data from being written in the wrong spot (i.e. overwriting of system files), but would it prevent a headless app from running and sending out messages to other machines?
Programs execute with the same permissions as the user, though this happening is not very likely. For this to occur, two things have to happen;
The execute bit must be set on the file.
The program handling the file must run the program or allow it to be run when clicked.
Neither are impossible, though these are unlikely. (Some apps might skip the first step, though this is also rare.)
Keep in mind that unlike Windows, Unix-style systems don't use the name of the file or its extension (suffix) to determine if a file is an executable. If Windows followed the same model, you could click on worm.exe and Worm would not run automatically.
From the standpoint of economics free software is just looney. That would be like cars just being free for the taking, like leaves on the ground in the fall. Everyone would be poor if they just get what they wanted like that.
That is it in a nutshell.
To expand a bit: people think that because a company they buy from is doing well, they personally are doing well. This is hooey. I've seen managers who want to develop "relationships" and "partner" with off-the-shelf software and hardware companies when the company they "partner" with is not a peer or natural partner!
Worse, even, is that when some of these vendors look for new markets to expand into...what do they see? New markets? New ideas? Nope, the current customer's business is what they see, and that is where they expand into.
These vendors are not peers, they are potential competitors. At best, they are places to find jobs in the future. At worst, they will put you out of a job.
The only thing outside of missing the big picture is if these managers get kickbacks and personally benefit. I don't see it, though higher up the food chain I suspect it happens.
Why is everyone so afraid of the concept of anything being 'free'?
Idioms: "You can't get something for nothing." vs. "The best things in life are free."
Software is typically thought of in the first category (an item) not the second (an emotion or personal relationship).
I've had many people repeat what to them seems obvious but to me is silly; "If anyone can see the code, it is less secure." and "It can't be as good as what is being sold otherwise the people would sell it instead of giving it away." Both miss the context of what is going on, though they are not easily addressed with a counter concept.
I "get it", you "get it", most people are still dealing with open source and free software with kindergarten concepts that to them are a given.
You just need to give out enough of your product to make the public want the stuff you need to pay for.
Another example is The Kompany. They had this tactic before and released some products that allowed them to sell add-ons. After some fumbles, they are back at it again with Rekall as this site shows and as discussed here.
I was expecting some lame article, and true many of the predictions are of the "Duh..." variety, though a few were quite interesting as well as plausible;
* USB "flash memory" sticks (which you plug in to a port on a computer to provide extra storage space) will become very popular, and applications will be released that can be stored on them to run on any computer without altering its settings. Presently, 256Mb costs 125; expect that to halve this year. You could soon carry a stripped-down operating system in your pocket to boot any machine to look like yours. In the long term, this could lead to stripped-down computers where the machine holds no important data; it'd all be on the USB stick.
That's something I'm looking into and it is very interesting. 256M, though, is not enough. A 1G USB stick could be the sweet spot for having both apps, data, and (optionally) an entire OS. At current prices for 1G sticks, though, I can't see many people doing it so development will be stalled.
Most apps need to be installed or require a runtime environment that has to be installed
To boot a USB stick currently requires BIOS changes or a boot diskette/CD and waiting. The alternative is to have a VM of some sort 'run' the OS as a guest.
Fixing either of these issues seamlessly will take awhile...probably won't happen in 2004.
Just to clarify things, Windows CE IS open source. There is a modified shared source license that CE is licensed under.
Is this the Microsoft "Shared Source" licence?
If it is, that licence is closed and highly restricted... with source code available to those who agree to the NDA if the person is in the group MS will even allow to sign that NDA in the first place.
Finally, a capable browser for Samba networks for Macs!
Great! Do you think they'll port it to Linux?
Both Nautilus and Konqueror are a real PITA (one crashes and both require passwords to be entered for each and every directory -- even when the passwords are 'saved').
The best -- though still painful -- choice I've found so far is to run two copies of Nautilus under KDE; one for the lan and one for my home directory so I can cut and paste between them because KDE and Gnome don't communicate for drag and drop or copy functions. AUGH! Linneighborhood is also a PITA and does not integrate with either KDE or Gnome.
Please tell me I'm on crack or that this is fixed in either a later Gnome or KDE. I'm not using beta or alpha versions, just the current releases.
> it has more/better features than mozilla (fish://, file://, ftp:// smtp://, etc. etc.)
Hold on, many people here habitually abuse MS for making the "browser the OS" and certainly can spot feature-creep a mile away, but when it comes to KDE's browser it's suddenly okay? I like having a whole separate browser for web and use Nautilus for file browsing. Keeping WAN and Local/LAN separate is a big plus in mine, and many others' books.
While I agree with all your other points, this one isn't right.
Konqueror provides a good view to KDE services but is not required to run KDE.
IE provides little except for browsing, yet it can't be removed without extreme pain and even then it's still around in parts and pieces.
You can use KDE without Konqueror by simply ignoring it...you can't use Windows without IE poking its nose up -- sometimes in the strangest places.
My biggest complaint about IO Slaves is that they often aren't easy enough to use...not that they (or Konqueror) get in the way.
Before someone makes a comment on "how do you know it's secure" I don't. I'm just relaying what shows up on the link within the first couple paragraphs.
or does this sort of defeat the whole point of having a box that you can't connect to over the network in the first place? What's to stop an attacker connecting through the tunnel to the noip'd box?
It's an encrypted, secure, service. Says so on the first page.
My Briggs & Riley laptop case has held together. Over the last 7 years (according to my receipt; it has a lifetime warranty). Back then, it cost me $140 USD.
The only wear is that the black paint on the metal has worn off, and one of the plastic feet fell off. The 'ballistic nylon' (very thick mesh) has not worn out or cracked anywhere.
About a week ago, I dropped the bag with laptop about 1 1/2 feet onto black top -- again -- though this time there was damage. Laptop has a crack in the lid near the hinge. While the bag has some padding, it is moderate but largely the same as when I bought it.
Now, that said, the company is 10 years old...so, it's possible that cost cutters have cheapened the current bag down to the point where it's not worth the price anymore. For what it's worth...
Exchange server provides a heck of a lot of protocol interfaces, but I can only presume you're referring to MAPI?
Do some research. You'll be surprised just how little is actually disclosed.
Exchange has many little additions, none of them open, and if your admin uses only MS's proprietary protocols, you aren't connecting to the server for anything at all^ -- *unless* you use Microsoft's Outlook and only Outlook. This covers not only email, but calendar, scheduling, and others aren't open either. While I personally don't care about those things (minus email), my immediate boss does...so, it's a PITA.
If MS used all open protocols or opened the ones they currently DO NOT disclose, this would not be an issue.
Experiment: How many programs can connect to Exchange 5.x using MS's proprietary protocol? Later versions? Any of them open?
(^ - Only Ximian's connector comes to mind...and that does not work with Exchange 5.x.)
The sticking point for QT is that it's an either/or situation for commercial apps. *IF* it starts out GPL, and you want to move it into the commercial arena, you CAN'T; the licence doesn't allow it.
You have to know up front that the app will be commercial and buy a QT licence first.
Probably true. I tend to remember the failures, though it's possible that there are some companies that always produce good products...even if those products are literally sand and crushed stone.
You don't compare a Hatchback to an SUV and say the SUV is better because it has more features. You compare within your class. The IPOD is an MP3 player the Karma is a full fledged Digital Audio Player (Slight distinction to most people but distinction none the less).
I don't see that much of a distinction. Both play and store audio. They have the same capacity, have jacks to connect to headphones or speakers, music can be placed on them, and buttons on the surface are used to control playback. It's very likely, because these are so similar, that a potential iPod and Karma buyer would consider the other device and at the spur of the moment might pick it. The Karma costs less and does more, and has about the same features where there is overlap...so the iPod is a hard sell to me in comparison.
For the trucks, they both have 4 wheels though they really have entirely different functions and potential buyers -- except for the most flaky of buyers. Those people might decide on a regular Jeep or Subaru just as readily, let alone entirely different vehicles.
You're right. It should *everywhere*. Right now, it's app-by-app.
Unix isn't magic, it is a tool, though in comparison to Windows it's much less likely to be an issue.
Process over product is and remains the rule.
A 1G stick would accommodate the OS, apps, tools and data.
Confirmation or clarifications are appreciated!
Bonus points: Why work on a closed source version of a proprietary operating system without getting paid?
Not saying the case you mention has these faults, though I'd get a sample first just to be careful.
Nevermind. I'm a moron.
You're on my development team, aren't you?
OK, then what's stopping you from double clicking on the package? It works in Red Hat and Fedora.