
Linus Torvalds on security

153 points | sagarun | 14 years ago | plus.google.com

128 comments

[+] DarkShikari|14 years ago|reply
The worst part is that this kind of thing actually makes security worse.

If you force people to bypass security to do ordinary tasks, and train them to constantly enter the root password for everything, you don't actually have any security. It's like the password policy that's so impractical that everyone sticky-notes passwords to their monitors, or the Vista UAC.

[+] astrodust|14 years ago|reply
Too many alerts like that and you're all "Yeah, yeah, whatever, 123123abc here you go".
[+] ajross|14 years ago|reply
A little intemperate but pretty much right IMHO. It's far too easy, bureaucratically, for someone to tighten a security screw than loosen it. So straightforward goofs like this (e.g. there's no permissions system in place for printer or wifi addition yet, so you need root -- just an architecture thing, not an authentication requirement) get locked down by their interaction with the security subsystem. So no one wants to make the call as to whether "security will break" if you allow printer configuration to non-root users. So nothing happens.

That said, modern Linux certainly has mechanisms in place to handle this stuff. Fedora and Ubuntu don't seem to have a problem with seamless system configuration from the console user anyway.

[+] viraptor|14 years ago|reply
It really depends on the context / configuration (or at least should depend on it). Imagine a host available to the public at a library. Considering that people can come there to print out some sensitive documents, you don't want to allow normal users to change printer settings. Someone could remove the default one and set up a tunnel through his own host, capturing all documents on the wire before they hit the printer. A very similar situation exists for the WiFi networks.

Of course this doesn't make any sense on a laptop. But it doesn't look like there's any sane default. You need to choose your configuration properly and that's it. If OpenSUSE doesn't allow it, then yes... that's a bug.

[+] icebraining|14 years ago|reply
I disagree. Defaults should be prioritized; they should optimize for the majority of the users, not the minority, and for the casual home user, not big organizations (like libraries), since they're more likely to have professionals configuring the system.
[+] justncase80|14 years ago|reply
In cases like this, couldn't the library administrator just remove the rights for all their machines? Create a user account with less privileges than a normal user and let patrons use that.
[+] javert|14 years ago|reply
> ... please just kill yourself now

I don't think someone who actually knows what it's like to experience suicidal thoughts would ever say something like that to people in a technical/professional context.

There is something to be said for the "tough love" Linux culture, but IMO, language as extreme as what I just quoted is just not acceptable.

For me, this is crossing the line from "Linus has an interesting and entertaining character" to "this person seems to be mentally disturbed."

[+] dirtyaura|14 years ago|reply
I suppose it's more a cultural issue - no Finn would read that post as seriously as you did. Many would consider it hilarious. It's quite typical in informal Finnish way of speaking to use "dark" metaphors, and granted they come out a little bit clumsy in English, but I know a lot of Finnish coders who express themselves with similar language that Torvalds does. I remember a few incidents from my Nokia career where this caused "issues" when we were communicating with Nokia employees in US over the email.
[+] tygorius|14 years ago|reply
Been there, done that, got the meds. It taught me the valuable distinction between normal mood swings and out-of-whack brain chemistry.

Seriously, if you have a strong bout of suicidal thoughts in reaction to flippant remarks such as Torvalds's then you need to bring this up to a mental health professional because your current coping mechanism isn't working.

If you're merely tut-tutting with disapproval however I simply disagree. Wanting a world where people never get their feelings hurt is a fruitless quest.

[+] jlawer|14 years ago|reply
As someone who has had professional help to go through what I will only refer to as "the dark patch of my life" I think you're overreacting. This might be a cultural thing but as an Aussie, this is viewed as pure exaggeration and has NO connection to reality. If there is no connection to reality then why get upset about it? If there is no intention for a slight then why care?

Maybe this is one of the subtle cultural differences, but surely you agree it isn't fair to judge someone on your own cultural standard on the internet over something as simple as a few words? If you're truly offended by him, just ignore him.

In my mind the conversation is richer if we don't need to be so careful about dropping to the "Lowest Common denominator". Let there be colour, excitement, rants and exaggeration. In the end I think it helps understand people more than putting on the facade of beige that so many politically correct people insist on.

[+] beedogs|14 years ago|reply
...really? I use hyperbole like that all the time on the Internet, and I really don't consider myself "mentally disturbed".

That's a pretty bold accusation to be making of people who simply typed some shit on the Internet.

[+] mongol|14 years ago|reply
Yes I agree. And it is like every other quote from Linus contains similar exaggerations. I think it is his biggest weakness.
[+] simonh|14 years ago|reply
"Linus Torvalds arrested for Suse security death threats".

Every time I think of travelling to America again, I read something like this and think... nope, not worth it.

[+] rimantas|14 years ago|reply
Going down this path you will find yourself in a place where you cannot say or do anything without offending someone.
[+] batista|14 years ago|reply
Actually, the above comment immediately tells me: "oh, another American, why can't the guys take a bloody joke, we're not all 9 year olds". It rarely is a French guy or a British complaining on such matters.
[+] cpswan|14 years ago|reply
It's funny that some of the areas that he touches on are also things where Windows requires local admin. Clearly a messed up privileged action model seems to be common across OSes.
[+] huhtenberg|14 years ago|reply
Don't get started on Windows. Just don't.

You know that UAC prompt you get when running setup.exe for an IM client? Ever wondered why there's a UAC prompt in the first place? Because Windows assumes that setup.exe needs admin privileges (unless .exe explicitly states that it doesn't). This piece of engineering doesn't even have a concept of ~/bin. In fact, there is/was an official W7 guideline that said that all programs must go into %ProgramFiles%, which is a system directory. Now, what sort of an imbecile decided that it's a good idea to let an underprivileged account install into a system directory - UAC or not - is beyond me. So, please, don't mix Windows in. While Linux distros have their dark moments, Windows is just one big service pack now.

[+] 16s|14 years ago|reply
They're all reading from the same books, thus the same mistakes.
[+] antoncohen|14 years ago|reply
Fedora had this problem last time I used it, things like adding printers prompted for the actual root password (according to the docs Fedora 16 still prompts for the root password). Ubuntu (and Mint) got it right. There are privilege groups that can be set so things like adding printers and wifi networks don't ask for a password. For things the user doesn't have privileges for, if they are an admin it will prompt for their user password (sudo-style) instead of the root password.

As Linus said, the SUSE and Fedora way makes it hard to deploy in a business setting where you want users to be able to administrate their own machines but you don't want them to have the root password.
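
An added example, not part of the thread and not any distribution's shipped policy: a polkit rule of the kind that produces the behaviour described in the comment above, where group members in a local session change the timezone, printers and Wi-Fi without a prompt and everything else asks for an admin user's own password rather than root's. The group name `deskadmin`, the `polkit` stand-in, and the `decide` and `user` helpers are assumptions made so the rule can be exercised under Node; the action IDs are those of systemd-timedated, cups-pk-helper and NetworkManager.

```javascript
// Stand-in for the `polkit` object polkitd gives to rules files, constructed
// so this runs under Node. On a real system only the two add*Rule calls go
// into a file under /etc/polkit-1/rules.d/.
const polkit = {
  Result: { YES: "yes", AUTH_ADMIN: "auth_admin", NOT_HANDLED: "not_handled" },
  rules: [],
  adminRules: [],
  addRule(fn) { this.rules.push(fn); },
  addAdminRule(fn) { this.adminRules.push(fn); },
};

// Low-risk settings a desktop user may change without a prompt.
// Setting the clock (set-time) is deliberately not in this list.
const SELF_SERVICE = [
  "org.freedesktop.timedate1.set-timezone",
  "org.opensuse.cupspkhelper.mechanism.printer-local-edit",
  "org.freedesktop.NetworkManager.settings.modify.system",
];

// "deskadmin" is a hypothetical group name. Only a local, active console
// session qualifies, so a remote login still gets the prompt.
polkit.addRule(function (action, subject) {
  if (SELF_SERVICE.indexOf(action.id) >= 0 &&
      subject.local && subject.active && subject.isInGroup("deskadmin")) {
    return polkit.Result.YES;
  }
  return polkit.Result.NOT_HANDLED;
});

// Admin prompts accept a sudo-group member's own password, not root's.
polkit.addAdminRule(function (action, subject) {
  return ["unix-group:sudo"];
});

// Simplified evaluation (assumption: the actions' own default is auth_admin).
function decide(actionId, subject) {
  for (const rule of polkit.rules) {
    const r = rule({ id: actionId }, subject);
    if (r !== polkit.Result.NOT_HANDLED) return { result: r };
  }
  const admins = polkit.adminRules[0]({ id: actionId }, subject);
  return { result: polkit.Result.AUTH_ADMIN, authenticateAs: admins };
}

// Constructed sample subject.
function user(groups, local = true, active = true) {
  return { local, active, isInGroup: (g) => groups.includes(g) };
}
```

A shared kiosk, as in the library case raised earlier in the thread, would simply not put its public account in the group.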

[+] SkyMarshal|14 years ago|reply
>.. and now I need to find a new distro that actually works on the Macbook Air.

What would that be exactly? I didn't realize any Linux distros worked well on MBA yet.

[+] donniezazen|14 years ago|reply
I find it funny, how effortlessly Linus trashes people.
[+] 16s|14 years ago|reply
Seems to be part of the free OS culture. Everyone trashes someone. Theo and the OpenBSD devs think Linux is garbage written by people who don't understand Unix. All of the free OS guys have someone they make fun of regularly. It's a bit silly I think, but that's just how it is.

"Look at them, they use C++... ha ha ha idiots. Oh look at them, they use Linux... utter and complete bloated garbage compared to real Unix."

Wash, rinse, repeat.

[+] thetroll|14 years ago|reply
same here. Linus is a man with strong opinions, so i guess the kind of language he uses helps reflect that.

and i find it funny that people get upset so much over it. some "political correctness" crap. look, you don't control what other people say or do, but you can control how that affects you. if you're going to seriously get upset about someone telling you to "kill yourself", you should get yourself a psychiatrist. because you really just might.

[+] trevi|14 years ago|reply
He is spot on, but I find (and always found) his wording way too aggressive. Makes it kind of hard to have a constructive discussion on the topic, which by the way really needs such discussion.
[+] sjwright|14 years ago|reply
It's also kind of hard to have a constructive discussion on the topic if nobody takes notice. Without the invectives, it probably wouldn't have been noteworthy enough to spread like wildfire across the hacker sphere.
[+] jnazario|14 years ago|reply
every now and then linus peeks in at what passes for linux, freaks out, gets pissed off at the state of things, vents, and everyone chimes in. so i'll chime in.

this is what you get when you are laissez-faire about how things operate in the land you helped create and ignore issues (via guidance and suggestions) for years on end. this happened with wifi some years ago, too, and didn't get attention until linus got a laptop with wifi.

this is just one reason why i stopped using linux day to day over ten years ago, happily.

[+] redthrowaway|14 years ago|reply
>this is just one reason why i stopped using linux day to day over ten years ago, happily.

It's gotten a whole lot better in the last 10 years.

[+] vacri|14 years ago|reply
Why is a kernel dictator responsible for the userspace? What genuine authority does Torvalds have over gnome or kde?

It's not Torvalds' responsibility, implied or otherwise, to manage what kind of password userspace requires for setting config settings.

[+] yitchelle|14 years ago|reply
Why is it news when Linus mentions something so obviously frustrating as the security scheme is on OpenSUSE?

Would it make a difference if s/Linus/JoeBlog/ mentioned it if the issue is so frustrating?

[+] dpcx|14 years ago|reply
It's all about the perceived level of intelligence related to the field. It'd be no different than Rand Paul making a fuss about budgets versus Joe Blog.
[+] Duff|14 years ago|reply
He is wrong about date/time setting. Most computers have automatic time sync, and consistent time stamps are important for many business purposes. Giving end users the ability to manipulate time can cause significant issues.

Is it overkill for Linus's kids? Yes. But OpenSUSE wasn't put together for his kids.

[+] alextgordon|14 years ago|reply
I think you may have misread.

> I first spent weeks arguing on a bugzilla that the security policy of requiring the root password for changing the timezone

The time zone is a completely presentational setting, something that users can be expected to want to change every so often. And it has no relation to timestamps.

[+] batista|14 years ago|reply
> He is wrong about date/time setting. Most computers have automatic time sync, and consistent time stamps are important for many business purposes. Giving end users the ability to manipulate time can cause significant issues.

On a laptop? I seriously doubt it. Make the bloody distro learn to differentiate between a server and a personal installation, and change the settings accordingly.

[+] Iulian|14 years ago|reply
The real problem is the `MacBook Air`, not security...
[+] batista|14 years ago|reply
Really? How so? Because the MacBook Air has nothing to do with the issue at hand, and it is by Linus's admission the best laptop for him (from the thread: "Trust me, I tried. Nothing better exists. It's sad. They are all big and clunky").