Linux.com

Apiman

Apiman

  • Linux.com Member
  • Posts: 5
  • Member Since: 28 May 09
  • Last Logged In: 08 Jul 11

Latest Posts

Posted by
Topic
Post Preview
Posted
  • Apiman
    RE: Privacy concerns about how processes are displayed
    Searching the kernel mailing-list I've found a patch that tackles this issue, but it seems that it has not be included in mainline: [url]http://www.mail-archive.com/linux-kernel@vger.kernel.org/msg77864.html[/url] I don't know if any distro implements some kind of patch like this but if someone can give me a clue would be great! [b]Edit:[/b] At least Openwall supports it ([url]http://www.openwall.com/Owl/CHANGES-2.0.shtml[/url])
    Link to this post 09 Jan 11

    Searching the kernel mailing-list I've found a patch that tackles this issue, but it seems that it has not be included in mainline:
    http://www.mail-archive.com/linux-kernel@vger.kernel.org/msg77864.html

    I don't know if any distro implements some kind of patch like this but if someone can give me a clue would be great!

    Edit: At least Openwall supports it (http://www.openwall.com/Owl/CHANGES-2.0.shtml)

  • Apiman
    RE: Privacy concerns about how processes are displayed
    I understand, but if /proc/ rights are not changed, anyone can still access to all processes info, it will just hide the real issue.
    Link to this post 06 Jan 11

    I understand, but if /proc/<pid> rights are not changed, anyone can still access to all processes info, it will just hide the real issue.

  • Apiman
    RE: Privacy concerns about how processes are displayed
    I guess it should be enough to make the kernel create /proc/ with umask=007 for non root users, but I think it should be implemented within the kernel instead. As I'm not a kernel expert I might be wrong.
    Link to this post 06 Jan 11

    I guess it should be enough to make the kernel create /proc/<PIDS> with umask=007 for non root users, but I think it should be implemented within the kernel instead. As I'm not a kernel expert I might be wrong.

  • Apiman
    RE: Choosing a distro: Pros and Cons from real users
    During my Win ages I used to have Linux installed in a dual-boot configuration, using Mandrake, Debian (I think it was woody) and Gentoo was my last dual-boot Linux. During that time I removed Win completely from my machine (I kept some VM ;) ) and kept Gentoo as my solely OS. I've made two distro switches since then. I'll describe my experiences for each distro: [b]Gentoo[/b]: 2005-2008 Pros:[ul][li]You might learn a lot[/li][li]Updated software[/li][li]Rolling Release[/li][/ul] Cons:[ul][li]Very Time consuming[/li][/ul] My experience: I have very good feelings towards that distro. It made me learn so much about the whole Linux software stack that I would recommend it to anyone who wants to learn Linux internals. Building form source forces you to check dependencies, choose supported compile options, etc., which makes you acquire the picture of how different programs and libraries are related in a Linux system. It's very well supported through the wiki with all howto's you may need to build your complete system. The problem is that the compile every package approach is very time consuming and you might have to do some real work on your machine other than compiling packages ;) . [b]Ubuntu[/b]: 2008-2010 Pros:[ul][li]User experience[/li][li]Closed software vendors support[/li][li]Integrated Web services[/li][/ul] Cons:[ul][li]Six months distribution updates[/li][li]I don't feel very comfortable about some Canonical moves towards Open Source[/li][/ul] My experience: If you don't care so much about the OS but about doing your stuff this is the way to go. I had no big troubles with it and worked fine for me. Nevertheless, as Ubuntu grows I feel like your are trading some of the Open source values and freedom (specially with the new cloud services embedded by default) for comfort and a worries less experience. I also got tired of updating my system every six months, so I decided to go for a rolling release. [b]Arch[/b]: 2010-today Pros: [ul][li]Updated software[/li][li]Rolling release[/li][li]Performance[/li][/ul] Cons:[ul][li]Some Linux experience is recommended[/li][/ul] My experience: I'm very happy with this distro. Once you have some experience on Linux you will feel quite comfort with it. As I've said I switched to it from Ubuntu, mainly because I was looking for a binary based rolling release with updated packages. It has all the goods of Gentoo (simplicity, latest software, etc.) but without requiring you to waste time on compiling things. As you only run what you need my system boots lightning fast. Faster than Ubuntu 10.04 with all it's boot tweaking and upstart. I appreciate not having to spend an evening every six months updating my system. Another plus for Arch is that it's so close to upstream that you don't have to wait months to get the last versions of your beloved programs, some hours are enough most of the time and I haven't had any big issue with updates since I'm using it. I've done some administration work, and from a company perspective I'll choose Debian stable. I've had good experiences with it. It's solid and supports many hardware platforms, but sometimes it's packages are too old, so you might want to use Debian testing for some non critical machines.
    Link to this post 05 Jan 11

    During my Win ages I used to have Linux installed in a dual-boot configuration, using Mandrake, Debian (I think it was woody) and Gentoo was my last dual-boot Linux. During that time I removed Win completely from my machine (I kept some VM ;) ) and kept Gentoo as my solely OS. I've made two distro switches since then. I'll describe my experiences for each distro:
    Gentoo: 2005-2008
    Pros:[ul][li]You might learn a lot[/li][li]Updated software[/li][li]Rolling Release[/li][/ul]
    Cons:[ul][li]Very Time consuming[/li][/ul]
    My experience:
    I have very good feelings towards that distro. It made me learn so much about the whole Linux software stack that I would recommend it to anyone who wants to learn Linux internals. Building form source forces you to check dependencies, choose supported compile options, etc., which makes you acquire the picture of how different programs and libraries are related in a Linux system. It's very well supported through the wiki with all howto's you may need to build your complete system. The problem is that the compile every package approach is very time consuming and you might have to do some real work on your machine other than compiling packages ;) .
    Ubuntu: 2008-2010
    Pros:[ul][li]User experience[/li][li]Closed software vendors support[/li][li]Integrated Web services[/li][/ul]
    Cons:[ul][li]Six months distribution updates[/li][li]I don't feel very comfortable about some Canonical moves towards Open Source[/li][/ul]
    My experience:
    If you don't care so much about the OS but about doing your stuff this is the way to go. I had no big troubles with it and worked fine for me. Nevertheless, as Ubuntu grows I feel like your are trading some of the Open source values and freedom (specially with the new cloud services embedded by default) for comfort and a worries less experience. I also got tired of updating my system every six months, so I decided to go for a rolling release.
    Arch: 2010-today
    Pros:
    [ul][li]Updated software[/li][li]Rolling release[/li][li]Performance[/li][/ul]
    Cons:[ul][li]Some Linux experience is recommended[/li][/ul]
    My experience:
    I'm very happy with this distro. Once you have some experience on Linux you will feel quite comfort with it. As I've said I switched to it from Ubuntu, mainly because I was looking for a binary based rolling release with updated packages. It has all the goods of Gentoo (simplicity, latest software, etc.) but without requiring you to waste time on compiling things. As you only run what you need my system boots lightning fast. Faster than Ubuntu 10.04 with all it's boot tweaking and upstart. I appreciate not having to spend an evening every six months updating my system. Another plus for Arch is that it's so close to upstream that you don't have to wait months to get the last versions of your beloved programs, some hours are enough most of the time and I haven't had any big issue with updates since I'm using it.

    I've done some administration work, and from a company perspective I'll choose Debian stable. I've had good experiences with it. It's solid and supports many hardware platforms, but sometimes it's packages are too old, so you might want to use Debian testing for some non critical machines.

  • Apiman
    Privacy concerns about how processes are displayed
    Any user can see all processes running on a Linux Computer and if he uses [quote]ps -Af[/quote] even it's command line parameters are shown. Most times there is not much sensible information there, but there might be. If we open a link from a mail someone has sent to us, it's link address might be visible to everyone in the system. Sometimes we might feel convenient to embed a password in the command line for some automatic process. You shouldn't do that!!, but many programs let you do so and some users might not be aware of it's risks. I might be wrong, but I don't see a reason why this information should be exposed to all users in a system instead of making it available only for root and the owner of the process. :unsure:
    Link to this post 05 Jan 11

    Any user can see all processes running on a Linux Computer and if he uses

    ps -Af
    even it's command line parameters are shown. Most times there is not much sensible information there, but there might be.
    If we open a link from a mail someone has sent to us, it's link address might be visible to everyone in the system. Sometimes we might feel convenient to embed a password in the command line for some automatic process. You shouldn't do that!!, but many programs let you do so and some users might not be aware of it's risks.
    I might be wrong, but I don't see a reason why this information should be exposed to all users in a system instead of making it available only for root and the owner of the process. :unsure:

Who we are ?

The Linux Foundation is a non-profit consortium dedicated to the growth of Linux.

More About the foundation...

Frequent Questions

Join / Linux Training / Board