Why do people switch to Linux 13480

Well, that's nice, I guess. But if the ACL's all say "go ahead and mess with me" by default, then they aren't really doing much good in a practical sense. They aren't "wasted" in the sense of bread going bad, but perhaps the effort that was put into this pervasive system of ACL's is mostly wasted effort if the way the system is marketed and supported does not encourage good security practices to begin with.

I'm glad you agree.

Likewise UGO. For most users ACL's don't really have much advantage. They get used in simple ways that UGO could handle just as well. When they are used in non-simple ways, users tend to shoot their feet off.

As I said, whether they are "used" in the sense of being checked does no good if the default setup is "free reign to everyone".

Not much, but then Linux distros and Linux culture discourage that while Windows defaults and culture tend to encourage it.

A user is really going against the grain if he runs as root all the time under Linux (or any Unix). As a general rule, such people are pressured to change their ways by the Linux community, by their friends who help them, by the distribution defaults, by prominent warnings (e.g. big red borders on root windows), etc. I addition, the system and the software that it runs is built in such a way that not running as root is no great hardship. Unless it is a system-level utility, software does not come with instructions that suggest running it as root, nor does it come with a ten-page guide of things you have to tweak to make it work as a normal user.

A Windows user, by contrast, runs as administrator by default. He also probably has software that fails to work correctly as a user. He is in various ways blatant and subtle encouraged to be at least a "power user" if not admin at all times. I mean, who doesn't want to be a "power user", right? Just one example of sending exactly the wrong message that's embedded in the Windows software development culture.

So yes, the clbuttic Erik argument is true. In theory if everyone ran as root then Linux security would be as bad as Windows. But in practice, that is unlikely to become the norm for the reasons I outlined above and so that particular theory is irrelevant.

At least as much as ACL's. Are we arguing theory here, or average home users?

Letting their friend log in to run MATLAB without disturbing ongoing work or having to install it all over again. Popping over to Fred's machine to grab a file or use his color printer. Logging in as another user on your own machine to to test scripts in a different environment. There's lots of little ad-hoc uses that come up. You get real used to this sort of thing once you have it.

But pandering to them is not.

The user is not encouraged in any way to adopt any practices at all. He is instead pandered to and sold software that doesn't work right with the security model you tout so highly. This is not the user's fault.

What everyone expects is not that Windows protect itself from root, but that Windows adopt more sane defaults so that the user is not running as root 90% of the time. That the Windows vendor community get off the dime and actually make their products work with the security model out of the box, without requiring the user to decide between following a 10-page tweaking guide or running as rot to make things work right.

That's what "everyone" has expected for lo these last ten years at least.

-- - Bob Hauck - A proud member of the reality-based community.