On 2/11/11 6:55 PM, Nico Kadel-Garcia wrote:
you go back to '95 and look at the security/design flaws in shipping Linux products it is not pretty either. Pretty much everything had wide open holes in required network services like bind/sendmail/ftp as well as the kernel itself (wade through the changelogs on any of the programs if you aren't convinced). I do agree that pre XP/SP2 versions of windows were badly broken and still resent the trouble they caused, but it's probably time to forget that.
Not as big, serioiusly. The separation between "userspace" and "kernelspace" and "root access" was much better than it has been in the Windows world.
So exactly what couldn't you do after exploiting one of the holes in bind or sendmail or the kernel? It is only recently that bind was moved to a chroot and sendmail to mostly run as a non-root user.
Sadly, freenx is abandonware. So is neatx. (I've been working with them lately.) The clients and servers from NoMachine are pretty good, and play nicely on CentOS. (I'm using them now for personal use, which their license allows.) The new NX version 4 alpha release is very, very alpha. We'll see how it works out in the long term. I've been trying to pay them for licenses, but the licensing model hasn't fitted anything I can *explain* to the people who sign checks.
Yes, it's too bad memory wasn't cheap back when X was designed or maybe they would have done client caching in the first place.