[mdlug] A big opportunity for Linux?

Adam Tauno Williams adamtaunowilliams at gmail.com
Tue Nov 20 15:48:09 EST 2007 

> > And all the noise about how bad Vista is misses the point - the fact is
> > that XP is in most cases good enough, hence the lack of a business case
> > for the pain/expense of Vista.
>  Yes, that's what I said - Vista doesn't offer anything new that people
> want, and it's a substantial cost to upgrade.
>  However... XP will not *stay* 'good enough'. MS can't (politically) afford
> to put much support effort into XP. XP will stagnate, while alternatives
> move forward.

Of course, nothing stays good enough;  but I know lots of places and
organizations still using 2000.  These technologies remain viable for
much longer than we techies remain infatuated with them.

> > While techy types get worked up about, often obscure, security issues
> > most businesses, especially small business (all small businesses?) just
> > do-not-care.
>  ...until they get hit with a security problem. 

Of course.

> > <aside>Not to mention that enforcing a decent security policy among
> > LINUX desktops is a major PITA and almost completely 
> > undocumented. 
>  Well, enforcing a *Windows-ish* security policy, perhaps.

No, there is nothing Window-ish about notifying users of password change
requirements, etc...

> > GDM is going to tell you that the DSA is going to expire your 
> > account in 14 days if you don't change your password.... nope.
>  I'd thought GDM 2.x had been revamped to deal with things like that...

Some yes,  it a-l-m-o-s-t works.  Unfortunately there really aren't any
standard/open ways for GDM to know,  unless you are still using an
obsolete technique like shadow passwords via NIS.

> > You can view/edit file ACLs from nautilus... nope.
>  What, specifically, do you need ACLs for that can't be accomplished with
> more traditional u/g/o permissions?

A user wants two other user's to be able to edit their file, and the
secretary to be able to read the file?    The u/g/o permissions from
UNIX are basically useless to users.

> > Firefox will work with NTLM or Kerberos authentication for single sign-on
> > to the proxy and/or intranet.... nope.
>  Seems like this ought to work:
> http://open.itworld.com/5037/book_050425firefoxhacks/page_1.html

These are listed as hacks for a reason.  Again they are a-l-m-o-s-t
there.

> > I could go one.  Despite all the rah-rag about security the 
> > support for good security practices on LINUX sucks.</aside>
>  Integration with Windows probably isn't fully there, 

None of the above has anything whatsoever to do with integrating with
Windows.

> I'd say. That's
> not the same as saying 'support for good security practices' isn't
> there.

Basic expectations can't be met (prompting for automatic password
change, etc...) and user's can't simply perform basic security
operations (granting r/w access to another user).  If that isn't the
basis of "support for good security practices" I don't know what is.

-- 
Adam Tauno Williams, Network & Systems Administrator
Consultant - http://www.whitemiceconsulting.com
Developer - http://www.opengroupware.org

More information about the mdlug mailing list