On Thu, January 22, 2015 9:05 pm, Always Learning wrote:> > On Thu, 2015-01-22 at 21:19 -0500, Bill Maltby (C4B) wrote: > >> I object to this sort of crap. Hidden, no reason for an *IX desktop to >> be forced to ignore or deal with this crap. >> >> Anybody else seeing it? >> >> In case attachments aren't allowed in the list, here's the Dropbox url >> for the image. >> >> https://www.dropbox.com/s/b2p2ki7t2rwi5ot/FreeDeskTop_Org_Orwell_1984.png?dl=0 >> >> I believe this relates to an earlier thread in which someone questioned >> what that Freedesktop.org stuff was doing (as did I). >> >> Any help appreciated. > > What is going-on ? It really looks Windozed ! Looking at it makes me > feel ill. >Just out of curiosity: how do you guys look at it? This asks me for password... In general it is good idea to place something into open URL Valeri ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++
On Thu, Jan 22, 2015 at 09:30:03PM -0600, Valeri Galtsev wrote:> Just out of curiosity: how do you guys look at it? This asks me for > password... In general it is good idea to place something into open URLI think that's what he wanted you to look at. It's a screenshot of a window asking you to enter a password. -- MELVILLE THEATRE ~ Real D 3D Digital Cinema ~ www.melvilletheatre.com
On Thu, Jan 22, 2015 at 09:30:03PM -0600, Valeri Galtsev wrote:> > On Thu, January 22, 2015 9:05 pm, Always Learning wrote: > > > > On Thu, 2015-01-22 at 21:19 -0500, Bill Maltby (C4B) wrote: > > > >> I object to this sort of crap. Hidden, no reason for an *IX desktop to > >> be forced to ignore or deal with this crap. > >> > >> > >> https://www.dropbox.com/s/b2p2ki7t2rwi5ot/FreeDeskTop_Org_Orwell_1984.png?dl=0 > >> > > > > What is going-on ? It really looks Windozed ! Looking at it makes me > > feel ill. > > > Just out of curiosity: how do you guys look at it? This asks me for > password... In general it is good idea to place something into open URLOriginally, packagekit, which is a GUI package manager, wanted to allow all users to install anything without a password. When a bug report was filed, the developer mentioned that they didn't care how Unix had done things in the past. This made the front page of slashdot, to almost universal derision, and RH changed it. In Fedora, I believe it still allows any user to update an installed signed package without asking for authentication. They tried to do that in RH as well, but a bug report was filed, and it was changed. In my less than humble opinion, this is how it should be. A non-privileged user should not be allowed to make changes to the system. -- Scott Robbins PGP keyID EB3467D6 ( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 ) gpg --keyserver pgp.mit.edu --recv-keys EB3467D6
<rant> I run a small consulting service and work with both individuals and (very) small businesses. The objective of my consulting business is to help average people move to Linux when they decide that they have had enough of the M$ money wheel and endless malware infections. Not one individual who belongs to that class of users cares how Uniix/Linux works, how it does updates or how to install new stuff. They *DON'T WANT* to know all that stuff. They want only one thing; to use the computer as a tool to perform needed personal or business tasks. My wife is my most frequent client and she in every way reflects the attitude of every customer - except for two - that I have. "Don't teach me how the computer works. I don't care. Just make it work for me," is the common refrain. If there is a problem, she calls me; if she wants new software installed, she calls me; if updates are required, she does not want to see any pop-up messages, she just wants her system to be updated automatically when needed. In most cases I go onsite to install new software or do updates. HOWEVER!!! There are times when I need to talk a customer through doing something that they would never, ever do if there were any other choice. They understand when that happens and together we can always do it in far less time than it would take for me to travel there and back. But I *NEVER* want them to go mucking about on their own - EVER! They have no idea what they are doing and should not be doing any type of admin stuff - and that is really how they want it. They should be password protected from everything administrative or they will cause me much more work and cost themselves a great deal of money as I try to fix the predicament that they have gotten themselves into. For example, I cannot tell you how many times I get a call from users who have purchased a new printer and tried to install the software from the accompanying CD. AARRRGGHHH!! I tell them to just plug it in and it should work without installing any software, and for those who have purchased Lexmark printers, I tell them to take it back and get something supported. I am so glad they cannot try to force that software onto the Linux box. I disable and remove PackageKit to prevent that kind of stuff. As for those other two customers, they don't really care much anyway. They have the knowledge but not the time to perform the tasks they hire me to do. They really don't want me to change much as they have it working the way they want and like it. That includes updates - or not doing updates - and everything else. For those historically ignorant developers, I say that they had *BETTER* care how it has always been done! It is that history, that philosophical difference from other operating systems that has made Linux as popular as it is today. Change is good, but the philosophy of Linux is important to ensure that the power, flexibility, security, reliability, and quality of Linux do not suffer. See my article: https://opensource.com/business/14/12/linux-philosophy and I have another article as follow-up that should appear there soon. </rant> So, Scott, that is a very long-winded and rantful way of saying that I agree with you. ;-) On 01/23/2015 06:37 AM, Scott Robbins wrote: <snip>> Originally, packagekit, which is a GUI package manager, wanted to allow all > users to install anything without a password. When a bug report was filed, the > developer mentioned that they didn't care how Unix had done things in the > past. This made the front page of slashdot, to almost universal derision, and > RH changed it. In Fedora, I believe it still allows any user to update an > installed signed package without asking for authentication. They tried to do > that in RH as well, but a bug report was filed, and it was changed. In my less > than humble opinion, this is how it should be. A non-privileged user should > not be allowed to make changes to the system. > -- > >-- ********************************************************* David P. Both, RHCE Millennium Technology Consulting LLC Raleigh, NC, USA 919-389-8678 dboth at millennium-technology.com www.millennium-technology.com www.databook.bz - Home of the DataBook for Linux DataBook is a Registered Trademark of David Both ********************************************************* This communication may be unlawfully collected and stored by the National Security Agency (NSA) in secret. The parties to this email do not consent to the retrieving or storing of this communication and any related metadata, as well as printing, copying, re-transmitting, disseminating, or otherwise using it. If you believe you have received this communication in error, please delete it immediately.
On Thu, January 22, 2015 9:39 pm, Frank Cox wrote:> On Thu, Jan 22, 2015 at 09:30:03PM -0600, Valeri Galtsev wrote: >> Just out of curiosity: how do you guys look at it? This asks me for >> password... In general it is good idea to place something into open URL > > I think that's what he wanted you to look at. It's a screenshot of a > window asking you to enter a password. >I realize it now, after you mentioned it. I fill so sheepish ;-) Valeri ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++
On Fri, January 23, 2015 5:37 am, Scott Robbins wrote:> On Thu, Jan 22, 2015 at 09:30:03PM -0600, Valeri Galtsev wrote: >> >> On Thu, January 22, 2015 9:05 pm, Always Learning wrote: >> > >> > On Thu, 2015-01-22 at 21:19 -0500, Bill Maltby (C4B) wrote: >> > >> >> I object to this sort of crap. Hidden, no reason for an *IX desktop >> to >> >> be forced to ignore or deal with this crap. >> >> >> >> >> >> https://www.dropbox.com/s/b2p2ki7t2rwi5ot/FreeDeskTop_Org_Orwell_1984.png?dl=0 >> >> >> > >> > What is going-on ? It really looks Windozed ! Looking at it makes me >> > feel ill. >> > >> Just out of curiosity: how do you guys look at it? This asks me for >> password... In general it is good idea to place something into open URL > > > Originally, packagekit, which is a GUI package manager, wanted to allow > all > users to install anything without a password. When a bug report was > filed, > the developer mentioned that they didn't care how Unix had done things in > the past. This made the front page of slashdot, to almost universal > derision, and RH changed it. In Fedora, I believe it still allows any user > to update an installed signed package without asking for authentication. > > They tried to do that in RH as well, but a bug report was filed, and it > was > changed. > > In my less than humble opinion, this is how it should be. A > non-privileged > user should not be allowed to make changes to the system. >I would second that (or third, or hundredth...). I hate Adobe for putting SUID-ed "plugin-config", thus enabling regular user write where only root can. This crap triggers my system integrity alarms. I always have to remove SUID bit then set immutable bit so the crap doesn't resurrect with their update. In the same list of bad guys comes google with its chrome browser, that drops in daily cron job. Which I have to remove and put placeholder (with immutable bit set), so it doesn't resurrect... Other people have their too lists I bet. As a matter of fact I tend to not use GUI admin tools since long ago. Even on machines I sit in front of as a regular user. I prefer to grab root shell for that. This is, BTW why I prefer plain ASCII text human readable config files, and hate the move towards GUI only based administration. One single case is different for me: I do prefer 3ware web RAID admin interface anything else (it more transparently prevents me from making fatal blunders - probably just me). And yes, disabling root user and having sudo instead is on my evil list too: yet another SUID-ed binary, and potential holes due to some garbage in config file... BTW, su (with the same password for root as regular user has), and attempt to use sudo are the fist two things bad guys try when they log in with stolen password of regular user (after a compromise of machine elsewhere). Valeri ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++