Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Torvalds Calls OpenSUSE Security 'Too Intrusive'

Unknown Lamer posted more than 2 years ago | from the permission-denied dept.

Security 311

jfruh writes "The balance between security and ease of use is always a tricky one to strike, and Linux distros tend to err on the side of caution. But no less a luminary than Linus Torvalds thinks openSUSE has gone too far. When his kid needed to call from school for the root password just so he could add a printer to a laptop, that's when Linus decided things had gone off the rails."

cancel ×

311 comments

Only root? (5, Funny)

busyqth (2566075) | more than 2 years ago | (#39199203)

Bah! Back in the day we recompiled the kernel to add a printer!
AND WE LIKED IT THAT WAY!!

Re:Only root? (2, Funny)

Anonymous Coward | more than 2 years ago | (#39199231)

Wow, newfangled drivers in the kernel... Back in the day, we had to manually pull the bits out of the computer, put them in a bucket, and transport them to the printer manually!

Re:Only root? (5, Funny)

Toe, The (545098) | more than 2 years ago | (#39199295)

You mean sneakernet? That's nothing.
Back in the day, we had to manually place dots onto the paper using a handheld carbon-marking device.
On the plus side, it did have an undo function built right into the final product.

Re:Only root? (0)

Anonymous Coward | more than 2 years ago | (#39199771)

Back in the day, we had to harvest are own Papyrus to make the paper!

Re:Only root? (4, Funny)

jd (1658) | more than 2 years ago | (#39199881)

Papyrus? Pah! Youngsters! Back in my day, we had to find a granite boulder to carve the letters into. With a herring!

Re:Only root? (2)

busyqth (2566075) | more than 2 years ago | (#39199917)

That only works with frozen herring.

Re:Only root? (0)

Anonymous Coward | more than 2 years ago | (#39199957)

Well, it was cold back then walking uphill to school -both ways- in the snow.

Re:Only root? (0)

Anonymous Coward | more than 2 years ago | (#39200009)

Granite Boulders, you are kidding me, back in MY day we used to rub against trees to leave pheromone messages to the other members of our species.

Re:Only root? (4, Funny)

jameskojiro (705701) | more than 2 years ago | (#39200053)

Pheromone Trails, are you kidding me, back in my day we used to have to encode chemical messages in our DNA over many generations before we could pass them on to our offspring.

Re:Only root? (4, Funny)

busyqth (2566075) | more than 2 years ago | (#39200059)

I still do that.

Re:Only root? (2)

Chrisq (894406) | more than 2 years ago | (#39199965)

Papyrus, luxury.

In my day we had to invent writing, hew a stone from the quarry, and wear the letters into the tablet by rubbing it with our noses. And if we handed it in late you'd have to write it out a hundred times before the morning. It was so bad we would still be working on our first grade when we died of old age. They thing is, tell that to the kids to day and do they believe you?

No!

Re:Only root? (2)

Anonymous Coward | more than 2 years ago | (#39199259)

Back in the day? People using FreeBSD are still doing that shit. And yet they'll claim that their OS is superior to any Linux distribution in any way. Except, you know, in the case of usability for a desktop, in which case it's a fucking catastrophe.

Re:Only root? (-1)

Anonymous Coward | more than 2 years ago | (#39199427)

cups works fine tardbox
freebsd desktop works fine if you know what you are doing

Re:Only root? (-1)

Anonymous Coward | more than 2 years ago | (#39199703)

Yeah, CUPS and a lot of things work properly in FreeBSD, if you're willing to twiddle about with permissions as if you were using a Linux distro from 1995. The rest of us have moved on to superior technology, you know, stuff that does the dirty work for you automatically instead of forcing all of the bullshit on the user and then claiming it's the superior method.

Sounds like someone's a bit bitter, don't like me downtalking your favourite OS do you? Well tough shit, you whiny little turd. You don't like it, you don't have to read it. I can say what I want.

Re:Only root? (-1)

Anonymous Coward | more than 2 years ago | (#39199853)

superior...for tardboxes maybe. for those who actually want a secure system, not so much..

Re:Only root? (-1)

Anonymous Coward | more than 2 years ago | (#39199915)

That's the best you can come up with? Tardboxes? You sound like one of the juvenile delinquents from FreeBSD. "Wah wah Linux isn't nearly as secure as FreeBSD wah wah wah." Well you know what? Barely anybody uses it either. Because it's shit. So get over yourself, you butthurt little pussy.

Re:Only root? (0, Offtopic)

Anonymous Coward | more than 2 years ago | (#39199971)

Yeehaw...!!!! Bitch fight!!!! :))))))

Re:Only root? (3, Informative)

fuzzyfuzzyfungus (1223518) | more than 2 years ago | (#39199527)

Only if your printer sucked. If you had a real printer you could just cat the postscript to whatever device it was connected to...

Re:Only root? (4, Insightful)

Anonymous Coward | more than 2 years ago | (#39199647)

I love these responses. "It's not broken, incapable software, you just have to buy a different printer. Noob."

Re:Only root? (4, Insightful)

Anonymous Coward | more than 2 years ago | (#39199713)

Only if your printer sucked. If you had a real printer you could just cat the postscript to whatever device it was connected to...

And that's why the year of Linux on the desktop will always be next year.

Re:Only root? (2)

ChrisMaple (607946) | more than 2 years ago | (#39199995)

Postscript is an Apple conspiracy, designed to wear out electrons by sending too many of them through the printer cable.

ASCII only!

Re:Only root? (1)

Bill_the_Engineer (772575) | more than 2 years ago | (#39200029)

I think you meant Adobe.

Re:Only root? (0)

Anonymous Coward | more than 2 years ago | (#39199533)

No, back in the day you would 'cat homework.ps > /dev/lp0' and _it worked_.

Re:Only root? (5, Informative)

busyqth (2566075) | more than 2 years ago | (#39199705)

Back in the day postscript didn't exist.
"lp0" stands for "Line Printer 0" -- you know, 132 columns, tractor feed, green-and-white-striped paper, massive clattering mechanical wheels spinning.
Now GET OFF MY LAWN!

Re:Only root? (1)

An ominous Cow art (320322) | more than 2 years ago | (#39200127)

You could still simply send your file to the printer and it would print, though. And if the file happened to have (the right) embedded printer control codes, it would even look nice.

C:\> TYPE AUTOEXEC.BAT > PRN:

$ cat readme.txt > /dev/lp0

It was all good :-).

Too much root is not a good thing (5, Insightful)

Toe, The (545098) | more than 2 years ago | (#39199243)

I see this on Macs a lot. If you want to install anything, you have to type an administrator's password.

In theory, that's great. But in effect, you are giving that installer root access. So if I understand correctly, that installer could be putting any amount of spyware (or whatever) into your computer and nearly perfectly cover its tracks.

Otoh, many Mac apps are distributed as disk images, where you simply drag them from the image to your drive, and that's it. No password at all. If you're going to use pre-rolled software, that certainly seems more trustworthy. But of course, it is a lot more complicated of a process for the average user to be able to ever understand.

Re:Too much root is not a good thing (1)

Trepidity (597) | more than 2 years ago | (#39199377)

Otoh, many Mac apps are distributed as disk images, where you simply drag them from the image to your drive, and that's it.

Yeah, but the typical place you want to drag them to, at least to take advantage of the normal OSX UI, is the /Applications folder, which isn't writable by non-admin users by default.

Re:Too much root is not a good thing (2)

dgatwood (11270) | more than 2 years ago | (#39199717)

I would argue that for most users, the place they would drag them is into their Dock. Where the Application physically lives isn't that important.

Re:Too much root is not a good thing (0)

Anonymous Coward | more than 2 years ago | (#39199925)

"Where the Application physically lives isn't that important."

Oh so that part can go in the recycle bin then?

Re:Too much root is not a good thing (0)

Anonymous Coward | more than 2 years ago | (#39199405)

This is where Apple's walled garden comes in with the Mac Store and will allow easy installation of programs for users without root access, if they are checked, signed, and a goat(se?) sacrificed on an altar.

Re:Too much root is not a good thing (1)

hobarrera (2008506) | more than 2 years ago | (#39199423)

That's the huge advantage of software repositories. You give the package manager priviledges, but the OS packages already checked the packages, so it's "safe enough".
Other software (games), can be installed at a user-level, instead of system-level.

Re:Too much root is not a good thing (0)

Anonymous Coward | more than 2 years ago | (#39199883)

That's the huge advantage of software repositories. You give the package manager priviledges, but the OS packages already checked the packages, so it's "safe enough".
Other software (games), can be installed at a user-level, instead of system-level.

This might interest you. There already is a Mac App Store, but you can optionally restrict a system to it in future releases.
http://www.apple.com/macosx/mountain-lion/features.html#gatekeeper

Re:Too much root is not a good thing (1)

tepples (727027) | more than 2 years ago | (#39200077)

The three settings in Gatekeeper are "trust only programs signed directly by Apple" (Mac App Store only), "trust only programs signed with certificates signed by Apple" (Mac App Store and paid developer IDs only), and "trust all programs". Say someone is thinking of buying a Mac today. For how many future releases of Mac OS X do you anticipate "trust all programs" remaining available?

Re:Too much root is not a good thing (0)

Anonymous Coward | more than 2 years ago | (#39200103)

Actually. you can optionally NOT restrict a system to it in future releases. And later you will have to restrict it.

What an ass (5, Insightful)

MatthiasF (1853064) | more than 2 years ago | (#39199265)

He could have just added the user to the sudo group and been done.

But no, he had to go harping on everyone on bug lists and social media rants to put people down, even suggesting whoever made the system should die.

What an ass.

Re:What an ass (5, Informative)

Rhacman (1528815) | more than 2 years ago | (#39199421)

If I understand correctly this in effect would be giving that user root priviledges. I think his complaint was that an ordinary task like adding a printer required that level of priviledge, not that it was inconvinient to do. It sounded like he wanted to administer his childs laptop without giving them free reign over it.

Re:What an ass (4, Insightful)

ArcherB (796902) | more than 2 years ago | (#39199615)

If I understand correctly this in effect would be giving that user root priviledges. I think his complaint was that an ordinary task like adding a printer required that level of priviledge, not that it was inconvinient to do. It sounded like he wanted to administer his childs laptop without giving them free reign over it.

He was also a bit pissed that you need the root password to connect to a new wifi hot spot. Could imagine the network admin's nightmare of having to give the root password to a salesman trying to give a presentation on the road?

I had the same problem with my Fedora 16 (XFCE Spin) box needed the root password to eject a CD. It really sucked that my file manager couldn't do it unless I ran it as root. I don't even know what the file manager's name to run as root and I shouldn't have to. Of course it was no big deal for me to type in "sudo eject cdrom", but I wouldn't expect the average user to know that. Besides, I shouldn't have to add standard users to the sudoers group just so they can swap a friggin CD out!

Re:What an ass (0)

tomhudson (43916) | more than 2 years ago | (#39200055)

And then there's the whole selinux crap larded onto Fedora if you don't use the "selinux=0" at the install prompt.

"OMG you're making it insecure!!!" Compared to what? I don't need a minimum of 7% less performance (their figures) for my particular use case.

Remote ejecting (1)

tepples (727027) | more than 2 years ago | (#39200095)

I shouldn't have to add standard users to the sudoers group just so they can swap a friggin CD out!

Should someone be able to eject the CD that you're using while remotely logged into your computer using SSH?

Re:Remote ejecting (1)

PeterKraus (1244558) | more than 2 years ago | (#39200213)

By default? Yes. If i'm sitting behind the computer and need the CD drive, I should be able to.

Of course, there should be an option to disable it - as I'm sure there is!

Re:Remote ejecting (3, Insightful)

w_dragon (1802458) | more than 2 years ago | (#39200235)

If that someone has a valid user name and password, and you leave ssh open on your laptop, sure. Why not?

Re:What an ass (5, Informative)

John Hasler (414242) | more than 2 years ago | (#39199695)

If I understand correctly this in effect would be giving that user root priviledges.

You don't. The whole point of sudo is that it gives you fine-grained control over the privileges of each user.

Re:What an ass (1)

Isaac Remuant (1891806) | more than 2 years ago | (#39199977)

I'm still wondering why a lot of these things feel like only being able to drive a car if you know how the engine works in detail (and more).

Sure, programmers and computer enthusiasts might be able to deal with this sort of thing but anyone else probably will be paralyzed.

Yes, I'm aware there are several distros suiting different needs but the general feeling always seems to be that you need to know one too many things.

Re:What an ass (2)

TheLink (130905) | more than 2 years ago | (#39200091)

With the popular Desktop Linux security models would you have enough power to pwn the system if you had the power to add a printer?

Re:What an ass (1)

thereitis (2355426) | more than 2 years ago | (#39199697)

That's the way I understood his argument, too, and I agree with it. I'm not defending the _way_ he made his argument, though.

Re:What an ass (2)

MrHanky (141717) | more than 2 years ago | (#39199429)

You don't generally use sudo when installing printers under Linux. You either use the web frontend for CUPS, in which case you're prompted for a password (either root or a user in a printer admin group), or more likely some application in the DE, in which case it's up to the PolKit configuration or whatever arcane nonsense they use these days. And yes, the default policy should be to allow users to add printers.

Re:What an ass (1)

icebike (68054) | more than 2 years ago | (#39199903)

You don't generally use sudo when installing printers under Linux. You either use the web frontend for CUPS, in which case you're prompted for a password (either root or a user in a printer admin group), or more likely some application in the DE, in which case it's up to the PolKit configuration or whatever arcane nonsense they use these days. And yes, the default policy should be to allow users to add printers.

This is true, but out of the box, there is no printer-admin group in OpenSuse, and no users are added to it by default. You have to remember to do that, as well as 3 or 5 similar group-membership things in order to make a machine "user maintainable" for normal operations. Things like video, wifi, cdrom, all need permissions or are managed by membership in groups that you have to remember to check.

Left unsaid is how old Linus's kid is. Given the parentage, I'm surprised the kid doesn't already have root, not only on the laptop but the school's network server as well.

Install printer just for me (1)

tepples (727027) | more than 2 years ago | (#39200133)

You either use the web frontend for CUPS, in which case you're prompted for a password (either root or a user in a printer admin group)

Why can't each user have a separate set of printers and a separate printer admin group to manage his own printers? "Install this application or device just for me" is something that a lot of these multiuser operating systems have tended to neglect.

Re:What an ass (5, Insightful)

Hatta (162192) | more than 2 years ago | (#39199433)

Why should he have to do that? Why isn't it sufficient to add the user to the 'lp' group? There's no reason that printing should require root access at all.

Re:What an ass (5, Insightful)

OzPeter (195038) | more than 2 years ago | (#39199529)

Why should he have to do that? Why isn't it sufficient to add the user to the 'lp' group? There's no reason that printing should require root access at all.

Why does an administrator have to add anyone to anything in order to do a commonplace task on a machine that is really a commodity item?
 
Not that I have read his rants but I get where he is coming from.

Printer DoS (2)

tepples (727027) | more than 2 years ago | (#39200237)

Because just because a user has one of 100 shell accounts on a machine shouldn't entitle the user to waste the paper and ink of all the printers connected to the machine.

Re:What an ass (3, Insightful)

Wrath0fb0b (302444) | more than 2 years ago | (#39199655)

Why should he have to do that? Why isn't it sufficient to add the user to the 'lp' group? There's no reason that printing should require root access at all.

Because, in any sane environment, that would require proving that the entier printer-management interface is secure enough not to allow privilege escalation or agent-based attacks. At the very least, that would require a software audit of those components that can be twiddled and probably some pen-testing and/or fuzzing. You can just say "well, this is designed to just let users add a printer so surely it can't be used to do anything else" -- I suppose you *can* say that but you ought to lose your job for that kind of thinking.

We've had large multi-user operating systems for decades now and people still don't seem to understand this basic principle -- if an interface is available to a regular user, it has to be vetted to ensure that it does not allow the user to do any more than what it advertises and that the effects of that are limited to things that the user is supposed to be able to accomplish.

Re:What an ass (1)

Tharsman (1364603) | more than 2 years ago | (#39199873)

That sounds like TSA logic!

Re:What an ass (2)

Bill_the_Engineer (772575) | more than 2 years ago | (#39200119)

That sounds like TSA logic!

It appears you are trying to install a printer I never seen before.

Press OK for exceedingly personal and embarrassing pat down, or READ MORE for a way to just pose nude in front of the web cam, or press CANCEL to order your cavity search online.

Re:What an ass (1)

Tharsman (1364603) | more than 2 years ago | (#39200233)

Disclaimer: Webcam installation will require full body Xray scan.

Re:What an ass (1)

tomhudson (43916) | more than 2 years ago | (#39200135)

We've had large multi-user operating systems for decades now and people still don't seem to understand this basic principle -- if an interface is available to a regular user, it has to be vetted to ensure that it does not allow the user to do any more than what it advertises and that the effects of that are limited to things that the user is supposed to be able to accomplish.

What a load of horse puckey. This is a kid's computer for school use. Not a system to control an aircraft or nuclear power plant. "As much security as necessary, and no more". Besides, you should always leave some low-level fruit hanging out there as a "canary in a mineshaft" warning mechanism, otherwise you are forcing attackers to put on their best game face.

Re:What an ass (2)

DarkOx (621550) | more than 2 years ago | (#39199985)

At some point a privileged operation more than likely has to take place. Perhaps Linus should do a little introspection about how his own kernel handles module loading?

I don't use SUSE so I don't know what I am talking about here but it seems maybe the problem is along the lines of their add user script should suggest putting new users in plugdev? Which would let udev(which runs as 0) load the required modules and the default rules would likely make a lp device writable by members of lp.

So it probably is an issue in SUSE but its also most likely a minor oversight than it is a serious flaw.

Re:What an ass (1)

hobarrera (2008506) | more than 2 years ago | (#39199587)

This would only prove that OpenSuse if impractical for shared computers, since all users need a root password for ordinary tasks, one of which is bound to screw up.

Re:What an ass (1)

arth1 (260657) | more than 2 years ago | (#39199651)

This would only prove that OpenSuse if impractical for shared computers, since all users need a root password for ordinary tasks, one of which is bound to screw up.

... or will abuse it to spy on others - read their e-mail or check their browser history, for example.

Re:What an ass (1)

arth1 (260657) | more than 2 years ago | (#39199605)

"+1 Stupid"
That's still giving a user superuser access when it shouldn't be required. Why open the barn door?

Plus, it likely wouldn't work. Because chances are that Linus' son sits in the GUI and tries to add a printer there, not using "cups-add-printer" or similar from the command line.

+1 (rolls eyes) (0)

Anonymous Coward | more than 2 years ago | (#39199983)

Linus' rather offensive hyperbole is unnecessary, even if he has a point. After a while people just stop listening.

I feel you man, (3, Insightful)

Dr. Tom (23206) | more than 2 years ago | (#39199283)

B.S. in C.S., M.S. Psy., Ph.D. in C.S. and B.S.*, and my job is to fix the printer ...

* That's Brain Science, you r'tard

In other news, Linus has a child old enough to install printers on Linux ... I feel old.

I guess it's reasonable ... they use to say, "you're not dating girls until you're 21!"
Now it's "You can't have the root password until you're 21!"

By the way, Linus is right, I usually disable selinux ... a good firewall is fine ..., and
also if your child clicks on an attachment from a stranger, that's a grounding.

Re:I feel you man, (1)

hobarrera (2008506) | more than 2 years ago | (#39199445)

Grounding? What kid nowadays cares about going outside. Changing the AP's password is a proper punishment!

Re:I feel you man, (1)

jd (1658) | more than 2 years ago | (#39199909)

Huh? Capabilities would offer far more fine-grained control over the degree of punishment.

Re:I feel you man, (1)

Dr. Tom (23206) | more than 2 years ago | (#39199927)

No internet for a week! I like it.

You can't take away the kid's smartphone, or how else could you track him?
(There is a tool that allows parents to remotely activate their child's smartphone microphone, so they can not only see where the child is, but what he or she is saying. Children: you need an acoustic foam box in your clubhouse.)

Re:I feel you man, (1)

oldhack (1037484) | more than 2 years ago | (#39199461)

You related to Dr. Bob?

no that is what wanting a CS BS for a IT job gets (0)

Anonymous Coward | more than 2 years ago | (#39199673)

no that is what wanting a CS BS for a IT job gets you. People who think with know what it's like hands on.

Re:I feel you man, (1)

geekoid (135745) | more than 2 years ago | (#39199763)

You have PhD in "Brain Science"

what does that mean? I know what you mean by Brain Science, but isn't that normally call Neurology?

By the way, if you had a Ph.D in C.S., you don't need to list the B.S. in C.S.

Re:I feel you man, (1)

ChrisMaple (607946) | more than 2 years ago | (#39200113)

SELinux is a huge stinking pile. Once it's installed it can't be disabled, claims to the contrary notwithstanding. The last time I tried to disable it, my system wouldn't boot. The advice SELinux gives for overcoming alerts doesn't work more often than it does.

fris7 p5ot (-1)

Anonymous Coward | more than 2 years ago | (#39199391)

Re:fris7 p5ot (1)

Isaac Remuant (1891806) | more than 2 years ago | (#39200079)

The link between brackets notes that you're a bunch of years late for that joke. Don't worry, you can still be original by copying a recent troll post.

No he didn't (1)

PatDev (1344467) | more than 2 years ago | (#39199399)

Maybe it's a nitpick, but if you employ quotation marks, you are denoting one of two things - sarcasm or direct quotation. Given the context, it does not appear to be sarcasm. RTFA shows that Torvalds did not use the words "too intrusive".

Sure, it's one somewhat questionable paraphrase of what he said, but to use quotation marks there is dishonest. His complaint was not even over the amount of effort, but rather of whom the effort was required. That is, non-root users were being required to know the root password for routine tasks.

Re:No he didn't (1)

fahrbot-bot (874524) | more than 2 years ago | (#39199875)

Maybe it's a nitpick, but if you employ quotation marks, you are denoting one of two things - sarcasm or direct quotation.

I didn't see the sentence to which you were referring, but quotes can also be used for other reasons like signaling unusual usage [wikipedia.org] :

Crystals somehow "know" which shape to grow into.

or referring to the word itself rather than its associated concept (see link above):

"Cheese" is derived from a word in Old English.

There are references other than Wikipedia out there as well...

My hypothesis... (5, Funny)

brennanw (5761) | more than 2 years ago | (#39199441)

Linus Torvalds is the Harlan Ellison of Linux.

Ironic (3, Funny)

Kamiza Ikioi (893310) | more than 2 years ago | (#39199447)

But... G+ is a ghost town? Just yesterday, people were saying, oh, gee, why would I even be interested in G+? Now /. is pulling stories directly from there.

Mmm Hmmm...

Re:Ironic (0)

Anonymous Coward | more than 2 years ago | (#39199757)

Problem loading Google+

There was a problem loading the Google+ CSS. Please double check your network connection and try reloading in a few minutes.

Re:Ironic (1)

ohnocitizen (1951674) | more than 2 years ago | (#39200027)

Just from Linus's feed. Google+ is becoming more like Twitter than Facebook. Just a few users talking to the masses, rather than a ton of users talking to each other.

Linus is on Google Plus? (1)

heptapod (243146) | more than 2 years ago | (#39199475)

Dude, he must be having some epic conversations with Wil Wheaton!

Thanks for reposting him on Slashdot otherwise no one else would've seen it.

Slow news day? (-1)

Bill_the_Engineer (772575) | more than 2 years ago | (#39199479)

Yes we know Linus can appear to be a diva on occasions. Do we need to report all of his tweets, rants, or google posts?

Is it unreasonable for a distribution to trust the installer to set the policy for its users? Linus could have gave his son sudo privileges. Even better he could have installed a large database of printer config files to lower the chance that a new printer driver needs to be installed while traveling.

I think its safe to assume that Linus is skilled enough to do either of the above.

Re:Slow news day? (1)

MightyMartian (840721) | more than 2 years ago | (#39199515)

It's a strange complaint seeing as how even with Windows, to install a new print driver, you have to have admin permissions or know the user id and password of a user with admin permissions. You can add all the printers you like providing the driver is installed, and it's no different for Linux distros.

Re:Slow news day? (0)

Anonymous Coward | more than 2 years ago | (#39200175)

to install a new print driver, you have to have admin permissions

Having the ability to turn off user access to a feature does not make that an admin permission.

Re:Slow news day? (1)

hobarrera (2008506) | more than 2 years ago | (#39199559)

He has the knowledge to do the above, but he dedicates his time to developing the kernel, instead of configuring user-level stuff like printer installation UIs and stuff like that. He just relies on some distro, with it's general packaging of software, etc. This time, he just hit one with an anoying habbit of asking for a root password every five minutes. Lots of people can tweak it so it doesn't do that. But moving to a distro with saner defaults is just faster, and more efficient.

Re:Slow news day? (1, Troll)

Bill_the_Engineer (772575) | more than 2 years ago | (#39199863)

You insinuate that somehow his time is more valuable than anybody else's. Also there is push back from the OpenSUSE community that insist they like the current security defaults. Anyway I'm pretty sure he wasted more time writing his little rant than it would have taken to make it where his son could use a printer.

One could speculate that he is just demonstrating the consequences of not taking all of his opinions as gospel and giving it the upmost priority on bug tracker.

Re:Slow news day? (1)

geekoid (135745) | more than 2 years ago | (#39199781)

bu the point is, you shouldn't have to. Think about wider distribution, say.. 500 machines.

Re:Slow news day? (1)

Bill_the_Engineer (772575) | more than 2 years ago | (#39199991)

bu the point is, you shouldn't have to. Think about wider distribution, say.. 500 machines.

I assume you would make a custom distribution with SUSE Studio and install it on all of your machines.

Don't use it then! (0)

Anonymous Coward | more than 2 years ago | (#39199517)

Every time I use SUSE, it feel like every single thing about the system makes it geared towards controlled corporate deployments.

It's actually pretty good for that, but I can't understand for the life of me why someone would use it as a personal hacking system.

if Torvalds kid is smart enough to use (1)

FudRucker (866063) | more than 2 years ago | (#39199539)

linux on a laptop he should be smart enough to be able to responsibly know and use the root password, he is Linus Torvalds kid for gosh sakes!

Re:if Torvalds kid is smart enough to use (2)

msobkow (48369) | more than 2 years ago | (#39199711)

More to the point: if it's the kid's laptop, why don't they already have the root password?

It sounds like "Dad" is being a bit too controlling about the computers in his home, not that the security is excessive.

Geeze, what a drama queen! (1)

euroq (1818100) | more than 2 years ago | (#39199565)

From Linus's post,

So here's a plea: if you have anything to do with security in a distro, and think that my kids (replace "my kids" with "sales people on the road" if you think your main customers are businesses) need to have the root password to access some wireless network, or to be able to print out a paper, or to change the date-and-time settings, please just kill yourself now. The world will be a better place.

This sounds like a post from an anonymous coward on Slashdot!

Re:Geeze, what a drama queen! (3)

SomePgmr (2021234) | more than 2 years ago | (#39199819)

Then I'm going to have to start browsing at 0, cause that shit is dead-on.

Why all this echo on /. ? (1)

everslick (1232368) | more than 2 years ago | (#39199585)

C'mon, all this buzz about a 4 line post on G+ ? It's not even silly season yet.

Slashdot changing gender of Linus's kid? (0)

Anonymous Coward | more than 2 years ago | (#39199729)

Slashdot summary: "When his kid needed to call from school for the root password just so HE could add a printer to a laptop..."
From Linus: "And today Daniela calls me from school, because SHE can't add the school printer without the admin password."

SCO (0)

Anonymous Coward | more than 2 years ago | (#39199745)

try changing its IP address (yes, that architecture is still used in some places).

I dunno, some printer mfgs (on windows at least) install spyware along with
their driver. So, I don't think this (asking for a password) is necessarily bad, IMHO.

User's should be allowed to "change" /etc and other system-wide configuration settings.
I don't run SuSE (Fedora - but don't get me started on their latest distro - how do you break 'vi').

I don't think you can be too secure...

Minor correction to the summary (0)

Anonymous Coward | more than 2 years ago | (#39199895)

Linus's kid is a "she" not a "he"

"And today Daniela calls me from school, because she can't add the school printer without the admin password."

Printing? (1)

JustAnotherIdiot (1980292) | more than 2 years ago | (#39199933)

Back in my day, we copied pages by hand that we needed our own copies of. You're all a bunch of spoiled, lazy brats!
Now if you'll excuse me, I have a hill to go up in order to get home.

Re:Printing? (2)

w_dragon (1802458) | more than 2 years ago | (#39200261)

The same hill you came up to get here?

Classic Angry Freetard (0)

Anonymous Coward | more than 2 years ago | (#39200047)

From TFA:

"I gave OpenSUSE a try, because it worked so well at install-time on the Macbook Air, but I have to say, I've had enough. There is no way in hell I can honestly suggest that to anybody else any more.
 

Yes, that is so scary, oh noes, everyone who uses SUSE will run to other distros because Linus says so.

"I first spent weeks arguing on a bugzilla that the security policy of requiring the root password for changing the timezone and adding a new wireless network was moronic and wrong."

"So here's a plea: if you have anything to do with security in a distro, and think that my kids (replace 'my kids' with 'sales people on the road' if you think your main customers are businesses) need to have the root password to access some wireless network, or to be able to print out a paper, or to change the date-and-time settings, please just kill yourself now."

Crucial Conversations. Read it. Now. Please. Before speaking again.

Oh and Tanenbaum always much >>> than Linus.

Fanboy? (0)

Anonymous Coward | more than 2 years ago | (#39200105)

I read that summary and only question coming to mind is 'when did Linus have a boy?'. Makes me feel like an airheaded fanboy :-(

Taliban ways... (1)

Isaac Remuant (1891806) | more than 2 years ago | (#39200163)

BZ: +Linus Torvalds I've got to disagree about the connecting to other networks. We have students that connect to other networks to bypass our internet filtering. It makes it a pain, because they neglect to reconnect to our wireless before logging off. Then other students can't log on or can't connect to their server shares.

Linus Torvalds - +Blair Z: if you want to restrict people from doing everyday things, make that the uncommon option, and add a checkmark for it.

Don't force your taliban ways on everybody else.

smooth.

His daughter is probably more mature than him. (0)

Beelzebud (1361137) | more than 2 years ago | (#39200209)

I'll bet his poor daughter rolled her eyes when he began ranting into the phone. Seriously, I see this with "smart" people from time to time. Just because you're smart, doesn't give you free reign to act like a dick and tell people to kill themselves. I think the problem with people with this sort of attitude is that they never had one person in their life stand up to them. When surrounded by ass kissers and zealots, it's easy to start believing your own hype.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...