
Linus torvalds on security - sagarun
https://plus.google.com/102150693225130002912
======
DarkShikari
The worst part is that this kind of thing actually makes security worse.

If you force people to bypass security to do ordinary tasks, and train them to
constantly enter the root password for everything, you don't actually _have_
any security. It's like the password policy that's so impractical that
everyone sticky-notes passwords to their monitors, or the Vista UAC.

~~~
astrodust
Too many alerts like that and you're all "Yeah, yeah, whatever, 123123abc here
you go".

------
tantalor
Really ought to link to the proper URL for the post:
[https://plus.google.com/102150693225130002912/posts/1vyfmNCY...](https://plus.google.com/102150693225130002912/posts/1vyfmNCYpi5)

~~~
davidw
The photo of Timberline was nice though:-) Linus has got to be one of Oregon's
more illustrious citizens.

------
ajross
A little intemperate but pretty much right IMHO. It's far too easy,
bureaucratically, for someone to tighten a security screw than loosen it. So
straightforward goofs like this (e.g. there's no permissions system in place
for printer or wifi addition yet, so you need root -- just a architecture
thing, not an authentication requirement) get locked down by their interaction
with the security subsystem. So no one wants to make the call as to whether
"security will break" if you allow printer configuration to non-root users. So
nothing happens.

That said, modern linux certainly has mechanisms in place to handle this
stuff. Fedora and Ubuntu don't seem to have a problem with seamless system
configuration from the console user anyway.

------
viraptor
It really depends on the context / configuration (or at least should depend
on). Imagine a host available to public at a library. Considering that people
can come there to print out some sensitive documents, you don't want to allow
normal users to change printer settings. Someone could remove the default one
and set up a tunnel through his own host, capturing all documents on the wire
before they hit the printer. Very similar situation exists for the WiFi
networks.

Of course this doesn't make any sense on a laptop. But it doesn't look like
there's any sane default. You need to choose your configuration properly and
that's it. If OpenSUSE doesn't allow it, then yes... that's a bug.

~~~
icebraining
I disagree. Defaults should be prioritized; they should optimize for the
majority of the users, not the minority, and for the casual home user, not big
organizations (like libraries), since they're more likely to have
professionals configuring the system.

------
javert
_... please just kill yourself now_

I don't think someone who actually knows what it's like to experience suicidal
thoughts would ever say something like that to people in a
technical/professional context.

There is something to be said for the "tough love" Linux culture, but IMO,
language as extreme as what I just quoted is just not acceptable.

For me, this is crossing the line from "Linus has an interesting and
entertaining character" to "this person seems to be mentally disturbed."

~~~
mongol
Yes I agree. And it is like every other quote from Linus contains similar
exaggregations. I think it is his biggest weakness.

~~~
flomo
This type of 'edgy' language was very popular back on Usenet in the 1990s, and
the Linux kernel mailing list never really got away from it. Very much a
Generation X thing - Kill yourself, they're smoking crack, those retards, kick
em in the nuts, etc etc, yawn.

~~~
roel_v
Ouch, now you're making me feel old, I still do those things, and yes have
done for 15 years.

------
cpswan
It's funny that some of the areas that he touches on are also things where
Windows requires local admin. Clearly a messed up privileged action model
seems to be common across OSes.

~~~
huhtenberg
Don't get started on Windows. Just don't.

You know that UAC prompt you get when running setup.exe for an IM client? Ever
wondered why there's an UAC prompt in the first place? Because Windows assumes
that setup.exe needs admin privileges (unless .exe explicitly states that it
doesn't). This piece of engineering doesn't even have a concept of ~/bin. In
fact, there is/was an official W7 guideline that said that all programs must
go into %ProgramFiles%, which is a system directory. Now, what sort of a
imbecile decided that it's a good idea to let an underprivileged account
install into a system directory - UAC or not - is beyond me. So, please, don't
mix Windows in. While Linux distros have their dark moments, Windows is just
one big service pack now.

~~~
mhurron
The official installation path for Windows being Program Files is no different
than the expected installation for the majority of .deb or .rpm files being
/usr. In both cases, you can't install software with its default assumption as
a unprivileged user. The defaults on both Windows and basically every Linux
distribution assume software installs are done by a privileged account.

You can install to c:\Users\%USERNAME% if you want to, if the installer lets
you pick a path, this is how Chrome installs. Just like you can install into
~/bin if you want to, but you are going to have to go a little out of your way
to do it.

~~~
huhtenberg
Windows is far more riddled with malware and spyware than Linux distros, their
users are far more ignorant than the Linux crowd, so having %ProgramFiles%
default to a system directory is substantially worse and damaging than letting
apt-get (that can't even be run without root privileges) default to /usr. Take
a look at a list of predefined paths available on Windows [1]. It doesn't have
anything even approximating ~/bin. At the very least they could've said -
"here, use %UserProgramFiles% if need be", but they just don't care. And if
you try and install into C:\Users\\...\Program Files, you will quickly be mis-
detected as malware or spyware. Unless you are Chrome, which you are probably
not. So, yeah, Windows is really hopeless.

[1] [http://msdn.microsoft.com/en-
us/library/windows/desktop/bb76...](http://msdn.microsoft.com/en-
us/library/windows/desktop/bb762494%28v=vs.85%29.aspx)

~~~
zokier
You keep mentioning ~/bin, but I don't think any major distro ships with such
thing. So I don't really see how the situation is any better on Linux than it
is on Windows. And then Windows has the Folder Virtualization trick.

> And if you try and install into C:\Users\\...\Program Files, you will
> quickly be mis-detected as malware or spyware

So it's Windows's fault if you use crappy anti-virus applications? If you'd
use similar applications on Linux wouldn't it equally flag ~/bin as malware
too?

------
antoncohen
Fedora had this problem last time I used it, things like adding printers
prompted for the actual root password (according the docs Fedora 16 still
prompts for the root password). Ubuntu (and Mint) got it right. There are
privilege groups that can be set so things like adding printers and wifi
networks don't ask for a password. For things the user doesn't have privileges
for, if they are an admin it will prompt for their user password (sudo-style)
instead of the root password.

As Linus said, the SUSE and Fedora way makes it hard to deploy in a business
setting where you want users to be able to administrate their own machines but
you don't want them to have the root password.

------
SkyMarshal
> _.. and now I need to find a new distro that actually works on the Macbook
> Air._

What would that be exactly? I didn't realize any Linux distro's worked well on
MBA yet.

------
donniezazen
I find it funny, how effortlessly Linus trashes people.

~~~
16s
Seems to be part of the free OS culture. Everyone trashes someone. Theo and
the OpenBSD devs think Linux is garbage written by people who don't understnd
Unix. All of the free OS guys have someone they make fun of regularly. It's a
bit silly I think, but that's just how it is.

"Look at them, they use C++... ha ha ha idiots. Oh look at them, they use
Linux... utter and complete bloated garbage compared to _real_ Unix."

Wash, rinse, repeat.

~~~
mayanksinghal
If not overdone, I think it is fun. The community will mature at some point in
future, but currently the evangelists comprise of not professionals whose jobs
are to get these platforms/softwares to more people but passionate fans and
contributors who believe in the product and think that their's is the best of
them all. It does lead to an unnecessary increase in tension in the community
but it also means that those who are involved will be true to their beliefs
and contribute to their distro/software/platform in a much more personal and
devoted way.

And it is not like commercial software community is never involved with any
flamewars. When they do it, they do it for marketing and they do it
professionally [1]

[1] <http://www.youtube.com/watch?v=k4EbCkotKPU>

------
trevi
He is spot on, but I find (and always found) his wording way too aggressive.
Makes it kind of hard to have a constructive discussion on the topic, which by
the way _really_ needs such discussion.

~~~
sjwright
It's also kind of hard to have a constructive discussion on the topic if
nobody takes notice. Without the invectives, it probably wouldn't have been
noteworthy enough to spread like wildfire across the hacker sphere.

------
jnazario
every now and then linus peeks in at what passes for linux, freaks out, gets
pissed off at the state of things, vents, and everyone chimes in. so i'll
chime in.

this is what you get when you are laissez-faire about how things operate in
the land you helped create and ignore issues (via guidance and suggestions)
for years on end. this happened with wifi some years ago, too, and didn't get
attention until linus got a laptop with wifi.

this is just one reason why i stopped using linux day to day over ten years
ago, happily.

~~~
redthrowaway
>this is just one reason why i stopped using linux day to day over ten years
ago, happily.

It's gotten a _whole_ lot better in the last 10 years.

~~~
jnazario
use it on servers at work, it's gotten horribly confusing in terms of configs.
real scary, inconsistent mess.

i don't use it as my primary machine or dev machine any more.

i'd say i'm pretty up to date with it (and alternatives) and still disagree
with you. "whole lot"? i disagree.

------
yitchelle
Why is it news when Linus mention something so obviously frustrating as the
security scheme is on OpenSUSE?

Would it make a difference if s/Linus/JoeBlog/ mentioned it if the issue is so
frustrating?

~~~
dpcx
It's all about the perceived level of intelligence related to the field. It'd
be no different than Rand Paul making a fuss about budgets versus Joe Blog.

------
Duff
He is wrong about date/time setting. Most computers have automatic time sync,
and consistent time stamps are important for many business purposes. Giving
end users the ability to manipulate time can cause significant issues.

Is it overkill for Linus's kids? Yes. But OpenSUSE wasn't put together for his
kids.

~~~
batista
_He is wrong about date/time setting. Most computers have automatic time sync,
and consistent time stamps are important for many business purposes. Giving
end users the ability to manipulate time can cause significant issues._

On a _laptop_? A seriously doubt it. Make the bloody distro learn to
differentiate between a server and a personal installation, and change the
settings accordingly.

~~~
bmj
Why does it matter if it's a server? I reckon, if it's a server, the only
people that should have that sort of access to it _should_ be trusted to
change the time.

------
Iulian
The real problem is the `MacBook Air`, not security...

~~~
batista
Really? How so? Because the MacBook Air has nothing to do with the issue at
hand, and it is by Linux admission the best laptop for him (from the thread: "
_Trust me, I tried. Nothing better exists. It's sad. They are all big and
clunky_ ").

