anti virus

[Fred]

gerry,

The only reason for anti-virus, spy-ware software would be to help protect Windows machines. Linux doesn't need it.

Fred

[lagagnon]

Agreed. You would only need anti-malware software on your Linux box if you are serving files and emails to Windows machines from the Linux box. Otherwise a waste of time and effort.

[Fred]

Both very good points bharani. The browser in Linux can still be affected by malicious Java script, without the no script extension. And of course running an X session in root is tantamount to OS suicide.

Fred

[DrHu]

1.Use noscript addon for firefox if you like.
2.Don't login as root unnecessaryly.
These two things will keep your machine safe from malware.

Unfortunately, in the interests of user convenience, in not having to use two passwords (root & the logged in user), Ubuntu and distributions based on that model make the first user an almost root user; except you do have to use sudo as a prefix in order to do an administrative (root like) task, and the password is your first created user password
--so we are already in danger just from the normal login process; but Mint and Ubuntu and Debian all disable the root account, so the full power is not available, only I don't know exactly what that limitation is between the pseudo root (first user account) and the real root (root account)

Other Linux's require a root account for administration functions and the first user is not root equivalent (or almost so
--their first user is a regular user (not an almost root. I think Mepis does it that way, and it is also based in part on Debian + Ubuntu

Despite that, Linux has proven quite safe as a system, even if you did run as root
--which some people want to do, as it eliminates any permissions issues as the root user can access and do anything on the system; which of course makes it almost as easy to destroy the system..

[linuxviolin]

Mint and Ubuntu and Debian all disable the root account

Debian? Really? I have Debian Testing and there is the root account! And if Mepis has it too it's probably because it is based on Debian. Parsix, which is based on Debian Testing has also the root account...

[Fred]

DrHu wrote:

Unfortunately, in the interests of user convenience, in not having to use two passwords (root & the logged in user), Ubuntu and distributions based on that model make the first user an almost root user; except you do have to use sudo as a prefix in order to do an administrative (root like) task, and the password is your first created user password ---so we are already in danger just from the normal login process; but Mint and Ubuntu and Debian all disable the root account, so the full power is not available, only I don't know exactly what that limitation is between the pseudo root (first user account) and the real root (root account)

This is an argument that has been on going since "sudo" came into widespread use. While I can see some merit on both sides of the argument, let me give an opposing view for the sake of balance.

The first user isn't "an almost root user." S/he, by default, is in the sudo group, but that is far from being "an almost root." Being able to use sudo doesn't mean you have in anyway been compromised by logging in. By-the-way, Debian sid doesn't disable the root password. It is assigned during the install process.

If you use sudo to start a program or do some other task, your root privileges are limited to the tasks that have been registered by default to sudo. Some would say it is safer to use sudo because of this limitation. If you use "sudo su" you have root privileges, but with the user's profile. If you use "sudo su -i" you use the root profile. "sudo su -i" is true root, just as if you had a root password set in a more traditional distro and had used it to log in as root.

If you have sudo loaded on a more traditional distro with a separate root, which many distros do by default, one could make the argument that it is less secure with two passwords. Check some of the more traditional distros. You will be surprised how many have sudo installed. In an infinite range of passwords, either of the two passwords will break securiety.

Also, an argument can be made that it is easier to remember one good password than two. As an example, your user password could be: "Mychildren'sages+10areAmy46,Sarah36,&Catherine34.". I would love to see you break that one. Of course you could shorten it and still be ok, but that is an example of one good password that can be easily remembered. After your system is setup and working ok you don't need to use it much anyway. Of course if you want a simple password to do your setup with fine, use something easier to type. Then when you are ready, change it to something much harder to break.

Despite that, Linux has proven quite safe as a system, even if you did run as root

This is categorically untrue. Running an X session in root is tantamount to OS suicide. This must be a typo on your part. I can't believe you think that is true.

The other side of the story.

Fred

[altair4]

To Fred:

I started bookmarking some of your posts in Firefox on the second day I became a member. I've got so many now I had to put you in your own subdirectory.

[Fred]

altair4,

Thank you sir, but you don't actually read any of my dribble do you?

Fred

[lexon]

Thank you all for the advice regarding anti virus for mint, as it takes time to adapt from ms windows.
The more I use mint the more impressed I am makes win xp somewhat primitive by comparison.
Regards
Gerry (uk)

I understand what you mean. I have not used Windows for nearly five years. I recently purchased a laptop running Vista Basic.
What a challenge. Much more difficult to use than Linux if you have not used Windows in sometime. I rapidly installed Mint 7.

lexon

[DrHu]

This is categorically untrue. Running an X session in root is tantamount to OS suicide. This must be a typo on your part. I can't believe you think that is true.

I would never recommend it (running as root), but..

Actually yes, even though I always login as a user, and use sudo su when I want to use root (#)for application installs or running chkrootkit etc.. (and I know that the desktop root login) is not available in Ubuntu or Mint

--but because of this, I generally wouldn't be that worried in home user situation..

• No or lack of any successful viruses against Linux
• The general separation of root from user
  --you use root all the time at your own risk, probably the main one, totally borking your system
• I can fix up the /etc/sudoers file to only allow a specific user to have admin access
  --instead of ALL ALL

the default /etc/sudoers file..
# cat /etc/sudoers
# /etc/sudoers
## This file MUST be edited with the 'visudo' command as root.
## See the man page for details on how to write a sudoers file.
#
Defaults env_reset
# Host alias specification
# User alias specification
# Cmnd alias specification
# User privilege specification
root ALL=(ALL) ALL

# Uncomment to allow members of group sudo to not need a password
# (Note that later entries override this, so you might need to move
# it further down)
# %sudo ALL=NOPASSWD: ALL

# Members of the admin group may gain root privileges
%admin ALL=(ALL) ALL

I actually don't mind sudo (/etc/sudoers ) file as a management control method, rather than all or nothing one gets with root access; as long as attention is paid to the content of the file, and adjustments made as necessary..

Also, an argument can be made that it is easier to remember one good password than two. As an example, your user password could be: "Mychildren'sages+10areAmy46,Sarah36,&Catherine34.". I would love to see you break that one

Also, an argument can be made that it is easier to remember one good password than two
--that is eminently logical

You are probably right about that, but I could always use a different password for root that I couldn't possibly remember, as long as I can get to a device to paste it into the dialog
https://www.grc.com/passwords.htm
http://www.scroogle.org/cgi-bin/nbbw.cgi
--or maybe the one time pad system, he uses..