LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 09-09-2008, 08:30 AM   #16
farslayer
LQ Guru
 
Registered: Oct 2005
Location: Northeast Ohio
Distribution: linuxdebian
Posts: 7,249
Blog Entries: 5

Rep: Reputation: 191Reputation: 191

Quote:
Originally Posted by i92guboj View Post

Any OS is ultimately as secure as knowledgeable is its administrator.
This line bears repeating.. With poor administration or Operation habits, Linux can be insecure.

When people say things like

Don't log in as root all the time

Don't launch X with root privileges
etc..

they are telling you not to fall into these bad practices that can make your system inherently insecure.

Out of the box thought I'd say Linux is less vulnerable than Windows..
 
Old 09-09-2008, 09:34 AM   #17
ceantuco
Member
 
Registered: Mar 2008
Location: New York
Distribution: Debian
Posts: 809

Rep: Reputation: 88
I agreed with [B]i92guboj[B] . I manage a lot of windows 2000, xp and vista systems (fortunately only 1 vista pc). All the users have restricted rights which is good for them not to install software however there are programs already installed in their systems that won't run properly due to the user restrictions which drives me nuts!!!
Also, when you install Windows XP it would prompt for a user name and password which is "secure" BUT windows has a default Administrator user called ADMINISTRATOR and password is BLANK!!!
how secure is that?
Now, while running my Linux machine I have bad habits, I tend to mostly run it as ROOT... I know I know I know is not secure. I promise starting right now I will log off and log on as a regular user.
 
Old 09-09-2008, 09:50 AM   #18
ceantuco
Member
 
Registered: Mar 2008
Location: New York
Distribution: Debian
Posts: 809

Rep: Reputation: 88
now running as regular user
 
Old 09-12-2008, 06:12 AM   #19
wstay
Member
 
Registered: Aug 2008
Posts: 61

Original Poster
Rep: Reputation: 15
I presume it is 'reasonably' safe to run ie6 using wine on linux given that
ie has security holes for attackers running from windows.
 
Old 09-12-2008, 07:17 AM   #20
H_TeXMeX_H
LQ Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Rep: Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301
Why would you run ie6 through wine ? You love it that much ?
 
Old 09-12-2008, 11:32 AM   #21
John VV
LQ Muse
 
Registered: Aug 2005
Location: A2 area Mi.
Posts: 17,622

Rep: Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651
there are only a handful of websites that REQUIRE IE6,IE7 ( this is growing ) and on windows .
They are using active x and/or siverlight to display there website and content , ( ESPN -360 is one) . dual boot for that .
Why would one want to run IE6 , and outdated and lousy ( and no tabs for one ) browser .
 
Old 09-12-2008, 01:49 PM   #22
H_TeXMeX_H
LQ Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Rep: Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301Reputation: 1301
I strongly recommend against activex, as you may know it is very insecure and buggy. Does $ilverlight even work through wine and ie6 ?
 
Old 09-12-2008, 03:54 PM   #23
i92guboj
Gentoo support team
 
Registered: May 2008
Location: Lucena, Córdoba (Spain)
Distribution: Gentoo
Posts: 4,083

Rep: Reputation: 405Reputation: 405Reputation: 405Reputation: 405Reputation: 405
Quote:
Originally Posted by wstay View Post
I presume it is 'reasonably' safe to run ie6 using wine on linux given that
ie has security holes for attackers running from windows.
Most vulnerabilities will be there. Wine aims to implement a better windows-like api with each version. So, the goal is to be able to run programs like they would run in windows. Wine can't make a distinction between what parts of the code you want to run and what parts of the code you don't want to run because are vulnerable.

This is why I usually advice to create a separate user account for this purpose. At most, any application will have the same privileges of the user it runs under. If you run IE as your regular user and there's any problem, it can affect all the files that your user can write to. If you run it as another user whose account contents is not important for you, then the risk is virtually zero. Of course, never run it as root.
 
Old 09-14-2008, 03:23 AM   #24
wstay
Member
 
Registered: Aug 2008
Posts: 61

Original Poster
Rep: Reputation: 15
I installed ie using:

sudo apt-get install cabextract wine
wget http://www.tatanka.com.br/ies4linux/....5beta6.tar.gz
tar -xvzf ies4linux-2.5beta6.tar.gz
cd ies4linux-2.5beta6
./ies4linux --beta-install-ie7 --no-gui

The installation finished successfully and ie6 opened fine except ie7 which opened blank.
I presume the ie6 that opened has got the ie7 'stuff' in it. I don't really know
Is the ie6 using wine and active x on a Linux platform.

I have to use ie6 or maybe ie7 only on Linux os because other browsers on Linux
cannot display online Share and Trading in my case even after selecting Internet Explorer
under Browser Identification.

The problem is, either we are using Linux as a normal user or as a root, there is always a reason
to be afraid that the web sites that we use or visit especially Banks or the like,
could be compromise by hackers.
 
Old 09-14-2008, 01:28 PM   #25
dj-toonz
LQ Newbie
 
Registered: Sep 2008
Posts: 3

Rep: Reputation: 0
A few good points about how safe Linux is . It's only as safe as you make it. and the good thing is, you can install Linux and surf straight away without getting spyware / viruses in the first 30 seconds of being on-line like in windows. before moving onto Linux it used to take me about 45 minutes to a hour to set everything up using windows 2000 so I was safe using the internet I.E (installing zone alarm , avg free with the latest updates stored on a usb memory stick,install firefox & thunderbird) , but with using Linux there is none of that to do, why I changed over in the first place (to get away from all that & having to keep re-installing every month of so). Reading the posts about running IE6 under wine. I do run Ie6 under fedora core. But not in wine. I've got crossover office installed & rum IE6 under that (Crossover office is like a sandbox) why a few people can't get away from using Internet explorer is because some websites wont view proper using firefox/opera under Linux take Hotmail for example you try to sign in using firefox under Linux. it comes back with you need to be running internet explorer 6 or later, firefox 2+ or later, opera, right but even with using agent switcher and faking what browser & operating system in firefox doesn't work, wtf I'm using the latest version of firefox man (browse the same site under IE6) and everything works :-( even my bank is like that, I can't view it using any of the Linux browsers proper without having to resort to logging in using IE6, you can log in 100% correct with firefox & opera using windows & mac, :-(

Last edited by dj-toonz; 09-14-2008 at 01:44 PM. Reason: changed the post
 
Old 09-14-2008, 08:50 PM   #26
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,610
Blog Entries: 4

Rep: Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905
It may surprise you to hear me say that Windows has a superb ... if rather baroque and over-engineered ... security architecture!

Trouble is, on millions of Windows computers that are attached to the Internet and run by naiive users, that security is turned off!

Yessir, these cats auto-logon (with no password) as "all-powerful Administrators" from the moment they turn their computers on. Anything they ask their computer to do it will do... and the same goes for any sort of program that executes "in their name" but "without their knowledge."
Quote:
"Simon says, 'shoot yourself in the head!'"
"Yes master..." ka-blooie!
Computers are fast, but they sure ain't smart...

Now, even Microsoft has finally begun to catch-on to the idea that, having given their users so much security-architecture, maybe they need to obligate those users to use it, even if said users do not understand it and even if Microsoft is (still...) unwilling to explain it to them. But Microsoft has one great big blind spot: they assume that the user is incapable of rational thought. (Also, they foolishly designed their system with a gigantic Achilles heel, "The Registry," which they cannot get rid of no matter how many times they re-design it.)

Both Apple and the Linux community have done a good job of teaching their users a few simple lessons which apply to all operating systems (including Windows):
  1. Never run as an "all-powerful user." The computer cannot distinguish between "you" and a program that "you" are (with or without your knowledge) running. In other words, the computer cannot discern your intent.
  2. Use the concept of "user-ids" (you can have more than one...) to distinguish 'your' stuff from 'not-your' stuff. The computer can understand, and can rigorously enforce, such a "bright-line rule."
  3. There should be only one user-id that is authorized to update the operating-system itself, and (or it can be a different user...) to install or update application programs. That user-id must be used for no other purpose. When this is done, any "malware" that attempts to update a crucial system setting will find it impossible to do so.
  4. Accept software updates only from the known-good trustworthy sources provided by the operating system vendor. Neither Microsoft nor Apple nor Red Hat nor anyone else uses e-mail to "notify you" of anything.
  5. Be skeptical.
  6. Learn about the powerful backup-software that is supplied by all of these vendors. (Yes, Microsoft makes a great tool!) USB/Firewire attached external disk-drives are drop-dead cheap ... at any department store ... and they're big! Use them!
Computers are not biological organisms. They do not "catch" things. They are not "intrinsically vulnerable" and do not have to be "scanned" or "immunized."

Every mainstream operating system ... Windows, OS/X, Linux ... provides these facilities. None are "intrinsically protected" or "intrinsically vulnerable." Rather, the "safety" of the operating system depends entirely upon your understanding of the nature of the threat and the nature of the (more than adequate, if properly used) defenses available against them.

Last edited by sundialsvcs; 09-14-2008 at 08:52 PM.
 
Old 09-14-2008, 11:53 PM   #27
i92guboj
Gentoo support team
 
Registered: May 2008
Location: Lucena, Córdoba (Spain)
Distribution: Gentoo
Posts: 4,083

Rep: Reputation: 405Reputation: 405Reputation: 405Reputation: 405Reputation: 405
Quote:
Originally Posted by wstay View Post
The problem is, either we are using Linux as a normal user or as a root, there is always a reason
to be afraid that the web sites that we use or visit especially Banks or the like,
could be compromise by hackers.
There's nothing invulnerable. But if your bank sites are using ActiveX, you should worry. I wouldn't use a bank site of that nature at all. That's your bank problem, and they should fix it.


Quote:
Originally Posted by dj-toonz View Post
why a few people can't get away from using Internet explorer is because some websites wont view proper using firefox/opera under Linux take Hotmail for example you try to sign in using firefox under Linux. it comes back with you need to be running internet explorer 6 or later, firefox 2+ or later, opera, right but even with using agent switcher and faking what browser & operating system in firefox doesn't work, wtf I'm using the latest version of firefox man (browse the same site under IE6) and everything works :-( even my bank is like that, I can't view it using any of the Linux browsers proper without having to resort to logging in using IE6, you can log in 100% correct with firefox & opera using windows & mac, :-(
And now the million dollars question: why would anyone use MS Hotmail, when there are lots of free alternatives that doesn't force you to use a concrete browser? Hotmail accounts do not have the best security record either, by the way.





Quote:
Originally Posted by sundialsvcs View Post
It may surprise you to hear me say that Windows has a superb ... if rather baroque and over-engineered ... security architecture!

Trouble is, on millions of Windows computers that are attached to the Internet and run by naiive users, that security is turned off!
No, the problem is that 99% of the windows programs will run with deficiencies (if at all) on restricted accounts. It's not just users. First we would need to teach windows programmers what a sane environment is. Not an easy thing to understand for the average VB programmer No pun intended, but it's just the truth.
 
Old 09-15-2008, 09:42 PM   #28
wstay
Member
 
Registered: Aug 2008
Posts: 61

Original Poster
Rep: Reputation: 15
[QUOTE=i92guboj;3278670]
Quote:
Most vulnerabilities will be there. Wine aims to implement a better windows-like api with each version. So, the goal is to be able to run programs like they would run in windows. Wine can't make a distinction between what parts of the code you want to run and what parts of the code you don't want to run because are vulnerable.
I.E. running on any version of linux is installed while on-line through internet.
But Wine is required for installing and running windows applications.
So is it right to say that I.E. is running not through Wine.
It runs not dependent on Wine.



[QUOTE=i92guboj;3280593]
Quote:
There's nothing invulnerable. But if your bank sites are using ActiveX, you should worry. I wouldn't use a bank site of that nature at all. That's your bank problem, and they should fix it.
I am not saying my Bank is using active x or not.
If that is not safe, we can assume that they are not using active x.
But we install active x and also macromedia-flash on our computers so that we can view
flashy sites with applets jumping up and down.
The Banks web-sites or certain other web-sites require Java (jre) to perform certain functions.
The point is that, they are using jre (java) and we have to install jre.
That should be safe or not. That should be for security for their web-sites. Correct me if I am wrong.


The conclusion is that, as a user of computer and internet,
the safest bet is how we protect ourselves through firewall, antivirus, malware, spyware,
and genarallly with the internet security softwares available. And security-wise, it is better
to log-in as a user and not as a root or administrator.

Last edited by wstay; 09-15-2008 at 09:47 PM.
 
Old 09-15-2008, 10:53 PM   #29
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,610
Blog Entries: 4

Rep: Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905Reputation: 3905
Any program that does not run well as "a limited user" does not get to run on any of my Windows computers.

I will not buy, nor will I use, any such program. Period.
 
Old 09-15-2008, 11:54 PM   #30
John VV
LQ Muse
 
Registered: Aug 2005
Location: A2 area Mi.
Posts: 17,622

Rep: Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651Reputation: 2651
Quote:
Any program that does not run well as "a limited user" does not get to run on any of my Windows computers.
then MS office is out of the question and so is Visual Studio
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Installing operating systems the safe way LXer Syndicated Linux News 0 06-16-2006 12:54 PM
what linux operating system AndyR01 Linux - Software 7 08-02-2005 06:30 PM
what is the best linux operating system? wutever Linux - Newbie 8 08-18-2004 02:39 PM
Why Linux is best Operating System for Learning/Doing System Programming ? ubaid_t General 6 03-21-2004 02:10 PM
safe operating temerature? frieza Linux - Hardware 5 06-13-2003 07:39 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 01:38 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration