Locking Down Linux - My take

[trashy]

This particular forum opens a huge can of worms for people learning about linux vs. people that know linux.

<soapbox>
One of my biggest gripes about many of the "mainstream" releases is the fact that by default, many programs, particularly "server" type programs tend to get installed by default.  This is especially true if a person is trying out and/or installing linux their very first time.  The seemingly endless choices of stuff to install is a bit overwhelming.  As an example, why would someone install a DHCP server on their machine?

Another gripe that I have about one Distro in particular (Ubuntu) is that it gives "super-user" privileges to a person new to linux far too easy.  I believe this is partly due to the average Windows user being a member of the "Administrators" group almost by default.  People want "total control" over their computer.  There is nothing wrong with that, but making it "easy" or "user-friendly" is dangerous.

Finally, though "point-and-click" is easy to do, it really does help if a person gets comfortable using a command-line and learns how to edit configuration files.  I'm not a huge fan of GUI configuration interfaces, but then again, I wouldn't call myself an "average" computer user.
</soapbox>

As far as locking down linux and having a safe, secure computer, it's all about installing what is needed and not installing dangerous stuff.  I'll do my best to check in more on this forum and offer any advice that I can.  I am by no means a "guru", but I do have a bit of experience with the operating system.

[Black Viper]

This particular forum opens a huge can of worms for people learning about linux vs. people that know linux.

As far as locking down linux and having a safe, secure computer, it's all about installing what is needed and not installing dangerous stuff.  I'll do my best to check in more on this forum and offer any advice that I can.  I am by no means a "guru", but I do have a bit of experience with the operating system.

Agreed... but my website opened up the Windows Can about 10 years ago, so I am no stranger to that.

Also agree about "default" installations... see above sentence.

However, I would have to guess that most (greater then 51 percent) people do not want "total control" over their computer. They want it to turn on and "just work" and not worry about "breaking anything."

Those that dive into the inner workings of it will get admin/root no matter how the "default" is configured as ya cannot (or should not be able to) do anything "cool" without those privies.

[trashy]

I hear what you're saying BV.  I agree that people want their computer to "just work".  That's one of the biggest reasons that Linux isn't as popular as Windows.  In the past, setting up and configuring Linux required some technical knowledge.

Nowadays most major Distros are a lot easier for the average person to install and set up.  Though Ubuntu gives root privileges to the average user a little too easy for my taste, it is probably the easiest Distro for a newbie to setup and use.

One thing to keep in mind, regardless of OS choice, it's always best to use a "regular" account for every day use, and reserve the Admin/root powers for when they are absolutely needed.  Following this practice keeps "stuff from breaking".

[k0n5t4nt]

Using Ubuntu 8.10 64 bit. Looking at Synaptic Package manager and at Add/remove. I notice a lot of things installed.  Prob not going to use it all. Does someone know enough about Linux to tell me what is ok to uninstall(doesn't have to be a complete list like BV's Service configurations or anything). Just a general idea of whats needed and not needed.  If you need more info just let me know.

[trashy]

It really depends on what you plan to do with your computer.  One example is if you don't plan on compiling any programs, then you don't need a lot of stuff that gets installed.

[Black Viper]

It really depends on what you plan to do with your computer.  One example is if you don't plan on compiling any programs, then you don't need a lot of stuff that gets installed.

Agree.

[FXEF]

Another gripe that I have about one Distro in particular (Ubuntu) is that it gives "super-user" privileges to a person new to linux far too easy.

Been running Linux since Red Hat 7.2, but I am now running Ubuntu as my main OS. I find Ubuntu to be just as secure as other Linux OS where root has a password and is an active account. I have made the root account active on some of my Ubuntu boxes, but really can't see where they are more secure. Only difference, I can login as root.

[Black Viper]

Been running Linux since Red Hat 7.2.

Fedora FTW.

[IH8U]

Fedora FTW.

No no no you got it all wrong. Debian FTW 

[trashy]

FXEF,

It's kind of ironic that you mention Red Hat 7.2.  That's the current OS that I am working with in my job.  It's actually running a flight simulator that we just installed some upgrades to for the U.S. Navy.

I'm currently working on a few "issues" that we had during some testing.