[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Reason to not upgrade to 5.0 - was Re: Problem with Debian 4.0 security



On Sun, Aug 02, 2009 at 10:00:44AM +0800, Bret Busby wrote:
> On Sat, 1 Aug 2009, Sven Joachim wrote:
>
>>
>> On 2009-08-01 12:33 +0200, Bret Busby wrote:
>>
>>> Actually, in today reconsidering upgrading to Debian 5.0, and, reading
>>> the information on the Debian web site, and, in checking using the
>>> package search facility on the Debian web site, I have found that
>>> Debian 5.0 excludes Iceape and Seamonkey, and does not include any
>>> Mozilla applications, so, with the elimination of Iceape/Seamonkey,
>>> Debian 5.0 is simply not as functional, or, as useful to me, as Debian
>>> 4.0.
>>
>> It is true that Iceape/Seamonkey are not included, but that does not
>> hold for other Mozilla applications.  And running the Iceape version in
>> Debian 4.0 is a _big_ security problem, so that is no reason to stay at
>> 4.0 (it may be a reason to switch to another distribution instead).
>>
>> If you want to have that particular application, your best bet is to
>> download either Seamonkey 1.17 or 2.0b1 directly from
>> http://www.seamonkey-project.org/.  Both versions should run out of the
>> box on Debian 5.0.
>>
>> Sven
>
>
> But, Ubuntu has two significant failings - its uses its awful lack of  
> system security, where it gives users superuser privilege, and does not  
> automatically incorporate a separate root account, to which superuser  
> privilege is limited, and, it uses an unwieldy means of identifying  
> partitions, making modifying the fstab and mounting partitions, somewhat 
> traumatic, instead of simply using the hda<x>  or /dev identifier, which 
> would make system administration, much more efficient.
>
Ubuntu gives full sudo rights to the first user only.  Perhaps they don't
do a good enough job of cautioning people not to take that lightly.  But I
don't think this is quite the security problem you're making it out to be.

The "unwieldy means of identifying partitions" is probably UUIDs.  Debian
uses them, as do most modern distros I believe.  You can switch to the old
/dev/hdax labels if you want.  UUIDs have some advantages, but simplicity is
not one of them.

-Rob


Reply to: