Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Compare cell phone plans using Wirefly's innovative plan comparison tool ×

Comment Re:Systemd-free (Score 1) 179

bogus argument - this so-called security risk is also there when the user is logged in - you cannot really make security contingent on a user being logged in, because logged in means zip - user can be logged in a system for weeks w/o doing anything reality LP redefines what it means to have a user account, and what it means to be logged in, arbitrarily limiting the user (and this *is* windows think), I mean next thing he figures out its a good idea for security to log user out at midnight, eventually figuring out he needs positive id checking user's ass is continuesly behind the terminal..)

No, it is a real security problem; lingering processes have been used countless time to regain access to systems from the outside. Pre-systemd there wasn't even a good and reliable way to kill a (logouted) user's processes across servers (pkill was never a standard and it is unreliable since both broken and malicious programs can escape it).

Hyperbolic assertions about what LP might do are lame arguments. Besides timed logouts have been the order of the day for decades; I have never worked on a sensitive system that allowed the user to stay connected for weeks on end; it just too dangerous to allow that.
And don't forget that LP and the rest of the systemd developers really knows "user and session management" in Linux; they have practically invented and maintained all the core Linux software used for this like CK and logind.

Instead of abusing Unix signals like "nohup", lingering programs should just use PAM or similar to gain permission to run in their own scope; much better and much more granular security.

Comment Re:Systemd-free (Score 0, Redundant) 179

Lennart is too young to have read "The Cathedral and Bazaar" when it came out. He comes from an MS Windows background so never knew the Bazaar idea existed and has no patience with people who try to suggest it does.

Lennart Poettering have been working strictly on open source Linux software ever since he graduated. He has at least +15 years developer experience on Linux. I have no idea why you think he has a MS Windows background. Did you just made it up?

That's why things like persistent user processes in the background (about chapter three in most scripting books) is just not something he sees as being something that should exist.

He says that:
1: it should be an easy admin task to enable-disable users ability to run such tasks since they are a security risk (eg. a lingering ssh connection out through the firewall can be reversed so it can be used to connect back into the system).
2. As default, only programs that explicitly have permissions (from PAM etc) to linger after logout should be allowed to do so.

So he has no problems with lingering processes, he just thinks they should be secure and easy to admin. No sane modern OS would ever implement the current Linux scheme with unrestricted ability for users to run arbitrary programs after logout (and even after the account have been locked).

Comment Blame Washington (Score 1) 198

Technology has been a boat anchor dragging down the industry thanks to regulations like Hippa, and requirements that all records be kept electronically. Paper charts are banned. now. This is a classic example of what happens when legislators regulate something they know nothing about. I see it everyday, as I work at the helpdesk of a major midwestern hospital chain. I am convinced all the technology that end users can't figure out has led to dead and injured patients. I am a perma-temp, where I work, not an employee. Outsourcing in healthcare is another problem, but not the one we are talking about here. Anyway, many people working in healthcare are technically illiterate, and refuse to learn. Also software like Epic is too complicated for anyone but engineers. My mother, who was a nurse, is now happily retired. Epic and other high tech whizbangs made her last years in the industry hell. The worst part of it all is cost. Computers, commercial software, and all the support staff needed cost so much more than paper charts did. All they really needed to do was to make PDF of the old paper charts, and let people type into them That would have fixed the problem of scribbly doctor's handwriting. Washington broke it. Will they ever fix it?

Comment Re:WTF (Score 1) 924

Telnet and ssh are different programs, you incomprehensibly stupid piece of shit. I know you're a troll, because only a troll could be so stupid.

Yeah, I actually know the difference between those two programs, and old enough to have used both telnet and see ssh replace it as the default way for connecting to other machines.

People unable to cope with technological changes like the transition from telnet (rsh/rlogin/etc) to ssh, SysVinit to systemd, or the future, Xorg to Wayland, just eject themselves out of tech.

Comment Re:From a security perspective... (Score 1) 924

Well, you assume every change is for the better.

No I don't. I just accept technically superior solutions as the way forward, even if they means another way of working.

I have no sentimental feelings for old, close source, Unix systems made by money grabbing, Linux-hating companies. So I have no problems discarding ancient Unix ways of doing things if I find new ways that are better.

Finally, I actually study the new tech I embrace by reading the technical documentation. That is apparently a lost art among many modern Linux users.

Slashdot Top Deals

If we could sell our experiences for what they cost us, we would all be millionaires. -- Abigail Van Buren