Retraction: Five *nix Myths Busted

Dear Ken,
Do you feel better now that you've thrown the toys out of the pram?
This entry is pathetic. If you can't accept criticism, you should quit blogging.
I'll certainly stop reading you. What do I hear? Good riddance? Pathetic...

I saw that some responded quite harshly, but this looks counter-productive. Some of your points would justify a follow up clarification of facts or opinions.

I would agree about number 5, 4 (strange this would be an issue since su could be followed by whatever user you want to substitute, even though it defaults to root), 3 (even if it at the moment usually need to involve some manual compromising of a system, the injected code would qualify as a virus if it behaves like one) and partially about 2 and 1.

About number 2 I would add that it's possible to make a Windows system as secure as Linux, but because of its design and, as someone commented, unruly third party applications you likely need to limit usability. It will probably be surrounded by external protection as well, which gives it a twist since such an infrastructure very well could include Linux or BSD in some kind of implementation. If you compare them as protected inside a well designed infrastructure, I would agree with you, but that doesn't equal the base design stand alone, and hence I can't see real proof to agree on such generalisation. I for sure would not put a Windows server in front to protect the rest.

The reboot myth is more of a bragging factor. If you're comparing desktop systems there's no need to test these limitations, but if you do many would agree that Linux isn't affected by uptime the same way as Windows. If we agree that uptime by itself isn't the sole purpose of a system, then we must understand that there's a reason for why technical solutions for hot-swapping of the kernel has been developed. You don't actually think that it's just some unnecessary bragging geeks making it possible to brag some more, do you? I doubt you do and hence we shouldn't dismiss Linux upper hand here as part of the "never rebooting myth", but recognize that Linux because of this is a better choice for some implementations. I'm not the expert, but your statements about it came through as erroneous to me.

I sometimes run very long jobs and the system going down even monthly is BAD! Of course I am not talking about workstations or desktops.
And I can write a monitoring script to restart the job from a point where this is possible, but running on a stable Linux machine that goes down once or twice a year saves me couple of hours of writing and testing; then few hours of testing when downtime occurs.
We currently four Linux systems, each 16 quad cores. 3 of them have not been down for 6 months. The other one was replaced because of bad MB (at least that is what the vendor says) and has been stable since (2-3 months).
These are running huge jobs and are handling Oracle, mysql and posgresql. I am not bragging since I am user, not sysadmin. Just saying there are systems, where stability does matter.

Great article...some people will get it...the others don't matter

5) Have you ever ever thought that maybe "don't login as root" is a quick way to say "If you routinely and usually login as root and perform non administrative tasks, your system is slightly more at risk than if you don't, so if you leave the root access open, you or your users will end up logging in as root, because sometimes you do have to be the *Super* *User*, and people really don't want to remember more than one password, so you or your users will probably end up reading email or surfing the web as root and thus any process you launch will have total access to your system just like on most insecure Windows machines"?

You take this (mostly right) sentence, "u shouldn't login as root" and transpose it to "Don't ever EVER ever login as root". Then you tag it as a myth, and show your hate fort it and make fun of people saying it.
And when most readers comment that you are just plain wrong, you come out with this other ironic post and use *YOUR* transposed sentence "Don't ever EVER ever login as root" to make fun of them. This is not what they

I think you are the one that is missing something. Apparently logic

And about the super user, in

http://pthree.org/2009/12/31/the-meaning-of-su/

there is the source of the original su command.
If you read the code you find:

ok:
setuid(0);

There is no other user switching option. Not yet. There is even no mention of root.

You just become "the user with uid 0". Not necessarily named root.

How can you *define* the user with uid 0 whatever it is named on that system?
The "super user". Usually the super user is called "root", but we don't care in this code.
[ http://en.wikipedia.org/wiki/Superuser ]
"Regardless of the name, the superuser always has zero user ID."

Is it so difficult to understand that someone may have decided to add the user switching capability later on, and thus renamed su from "Super User" to "Switch User". Like PHP was renamed from "Personal Home Page" to the recursive "PHP Hypertext Processor" later on?

So probably the right definition is:

<<SU originally meant "Super User" but was later changed to "Switch User" when more options were added>>

The keyword here is "probably". The intelligent dubitative approach of Aaron Toponce (whoever he is) in that page is the right way of addressing the question. While your "I know the Truth while the others follow myths" approach is simply disgusting.

I see I was confirmed in the opinion that you are an idiot.

Enjoy throwing your toys out of the pram it can be theraputic. Doing it in public is generally considered childish.

Jane, you are an ignorant slut. That was all I could think of after reading the first post, and then the rebuttal. Have you lived in the the real "Unix" world? No, not the Linux world, or the window-hugging recent newbie convert to some windows-like distro that has a gui (like Mac)? I am talking about boxes that have never been past runlevel 3 (on linux) and don't even have any X code on them. Me, I prefer OpenBSD or FreeBSD servers, or even stripped down Debian servers. No services except when you specifically install them. No ports open unless you specifically open them. And yes, no remote access to root via SSH.
Yes, you can get hosed on these boxes if you install a stupid app or stupidly install a stupid app. Hopefully you get an email every day informing you of the latest vulnerabilities on the box (like any good BSD does). And then you patch. Unless you have a kernel patch, you don't reboot. Maybe, once a year, or every couple of years on a BSD box, or every decade on an OpenBSD box.
Look, I appreciate your trying to make Unix "mainstream". Good luck with Solaris. It is a PITA to install headless. It wants its GUI. I don't want no stinkin' gui. That's what makes windows "servers" such a piece o' crap - that and the browser and media player that they toss in for "added value". WTF was M$ thinking, putting that kind of crap on a server.
Nice rant, eh? I usually don't do this, but I have been dealing with the marketing department all month, and am ready to go postal. So this crap / drivel just drove me right to the edge.
Good luck.

A similar post by me on pthree.org
I worked with the Unix OS from the early 1980′s (at first we ran early versions on a DEC PDP-11) until 1992. Starting in 1992, I did contract work on proprietary versions based on SVR4.

It was just easier to say the initials “S U” or “super-user” than to say “switch user” or “substitute user”. To insist on correctness, whether authoritarian, historical or otherwise seems petty. To me, "super-user" really means "root" and "su" is a command that might enable me to become root - IF - root has a password and I know that password.

Depending on the options used, su can be used to switch user, substitute user or become “super user”. Success depends on knowledge of the appropriate password. “sudo” on the other hand may allow one to become any other user (depending on the configuration of sudo and being a “sodoer”) knowing only the login password.

On the systems I have used, a sudoer can become root (“super user”) using this shell command at a terminal:

sudo su – root

and responding to the prompt with the login password used to sign in the current user.

I think it is important to point out that you cannot become “super user” or root from a shell with the su command alone unless there is a root password and that password is entered at the prompt.