The quantum world is a weird one at least to us and superposition sounds like magic. However the universe is not governed by lack of imagination.
@rockedge your point is well taken and I think could be expanded.
Puppy users may not like using a different file manager after getting use to rox. However the writing in on the wall unless someone ports it to gtk4.
The same goes for jwm. It is likely to be replaced with a wayland windows manager.
In the end their replacements will do the same thing only differently.
What I am trying to say is we may not like it and may complain but we will adapt. Resistance is futile.
Okay. So, just how secure IS Overlayfs....? (a wider discussion about future Puppy development)
Moderator: Forum moderators
-
- Posts: 331
- Joined: Tue Nov 22, 2022 9:11 pm
- Location: Canada
- Has thanked: 186 times
- Been thanked: 52 times
Re: Okay. So, just how secure IS Overlayfs....?
- mikewalsh
- Moderator
- Posts: 6139
- Joined: Tue Dec 03, 2019 1:40 pm
- Location: King's Lynn, UK
- Has thanked: 787 times
- Been thanked: 1970 times
Re: Okay. So, just how secure IS Overlayfs....?
@rockedge :-
Everybody's different, I would say.
I started out in Linux like everyone, distro-hopping all over the place, thouroughly exploring this strange new world and generally getting my bearings. After less than a year, I came to Puppy due to hardware acceleration issues that meant the Unity desktop didn't work properly in Ubuntu.......then less than 6 weeks later, Canonical dropped support for my graphics during their constant, never-ending kernel customization program. Result? Regular, multiple crashes umpteen times a day, making things completely unusable......though admittedly, my ATI graphics adapter was pretty ancient by that time, and there couldn't have been many people still using one like it. To quote Mr. Spock: "The needs of the many outweigh the needs of the few...."
(*shrug*)
Having tried Puppy for a few weeks, I came to the conclusion that I'd found a distro I could see myself living with full-time. It wasn't long before 'Puppy' was the only thing to be found in our house.
Yeah, I get "itchy feet" from time to time, and go for a wander, have a look around and try summat new.....but it never lasts - with very few exceptions - and I'm always glad to return to the sanity of the kennels. Puppy has covered my online banking, health stuff - doctors, prescriptions, etc - anything official that needs doing, etc, etc, for years. I can do everything online that anybody else can, so I don't need to look for anything else, and my two alternate interests ATM (Haiku OS and ChromeOS Flex) are JUST that - interests - definitely not daily drivers.
I do indeed use Puppy Linux almost 100% full-time, because it just works for me. Unlike some, I get absolutely no thrill from constantly bouncing around from one new thing to another; stability, and the certainty of thoroughly understanding what I'm doing is, and always has been, of far greater importance to me.
Mike.
-
- Posts: 2877
- Joined: Fri Jul 31, 2020 3:37 am
- Has thanked: 2197 times
- Been thanked: 871 times
Re: Okay. So, just how secure IS Overlayfs....?
Same here. But the thing is, it's not just puppy anymore.
There are so many good distros being cranked out on this forum right now it kind of makes my head spin. Some are builds that are limited in life, others are rolling releases, some are builds of mainstream OS's that are frugally installed,
and the experimentation just keeps coming.
That's what puppy-linux is in my opinion, not an OS, but a mindset of finding ways to use what's already out there in the most versatile way possible.
I only use distros from this forum, for one, because I don't want to have to create unique partitions for each OS I use.
At the moment I'm using KL builds that are the base systems of Void and Arch, rolling releases, Void being the one I gravitate toward, because as I understand Void sticks with one rolling release for a very long time before totally rebuilding the system.
That means stability/longevity for me in combination with upgrades and security fixes. And I can throw two or three different installs of these to play with, right along side puppies and dogs, all on the same partition.
Does the average user, my wife for instance, care? No. But she's been using fossapup9.5 for a year now and doesn't bat an eye. It does everything she wants it to do.
And it doesn't change.
Me I'm changing and building my OS's constantly, but forum distros do both equally well.
So if you're one of those people who likes the OS to remain in one state for years at time, then I would learn how to grab the woof recipes and give building it a shot, because that will keep the environment active, and you might actually be able to customize it to your tastes.
If you want to use a mainstream base OS with all the versatility of a puppy install, then I would give running a firstrib script a shot. And if it works well, you can have the best of both worlds, mainstream puppy style.
geo_c
Old School Hipster, and Such
- rockedge
- Site Admin
- Posts: 6521
- Joined: Mon Dec 02, 2019 1:38 am
- Location: Connecticut,U.S.A.
- Has thanked: 2727 times
- Been thanked: 2614 times
- Contact:
Re: Okay. So, just how secure IS Overlayfs....?
I would give running a firstrib script a shot.
Totally can be done. I have examples for a PLUG that will build something close to KLV-Airedale. With some tweaking the polish on the PLUG examples complete OS's can be built. Once one gets the hang of scripting the PLUG themselves, it is very easy to shape it exactly customized to produce a working OS. Just changing the desktop environment from the ground up makes the distro clean and fresh.
It is something to consider. The possibilities only have been scratched a bit on the surface on what can be assembled.
- wiak
- Posts: 4074
- Joined: Tue Dec 03, 2019 6:10 am
- Location: Packing - big job
- Has thanked: 65 times
- Been thanked: 1204 times
- Contact:
Re: Okay. So, just how secure IS Overlayfs....?
rockedge wrote: ↑Sat Jul 29, 2023 7:02 pmThere are plenty of other Linux distros and I wouldn't be surprised at all if many people who post on this forum don't use any forum distro as their main distro in actual reality.
Well I do. I haven't touched Zorin or Mint or any full install of Linux or a new Windows install in years. That is in many years.
Well, of course, it is fair to say I would not have the current habit of mainly using mainstream full installed distro had it not been for business reasons. Having said that we used WDL_Arch64, which was in same vein as Sofiya's current KLA_OT2baseCE for two years solid for the business, but I wasn't using it with save2flash and decided to instead us a well-maintained by larger team, being Zorin lite OS to try and save me some maintenance time. In that sense it was probably a good decision on my part - now moved to Linux Mint XFCE (though I reconfigure it a bit to be more like Zorin set up) - but, yes, not having frugal capabilities spelt disaster for me sometimes. Hence, my recently producing KL_full2frugal, not so much as a contribution for this forum, but simply because I became desperate for the facility so spared some time to make it for my instantly needed purpose. Since it doesn't write to the underlying full install, I feel safe using KL_full2fr, and with save-on-demand save2flash facility since the changes do not effect the full install itself but simply get written to a separate upper_changes folder (even in different partition as it happens). No doubt about the advantages of running frugal installs - best way of doing things overall.
https://www.tinylinux.info/
DOWNLOAD wd_multi for hundreds of 'distros' at your fingertips: viewtopic.php?p=99154#p99154
Αξίζει να μεταφραστεί;
- Grey
- Posts: 2023
- Joined: Wed Jul 22, 2020 12:33 am
- Location: Russia
- Has thanked: 76 times
- Been thanked: 376 times
Re: Okay. So, just how secure IS Overlayfs....?
What physics? What nonsense. Examples should be simple and fun. Two people are in bed and one pulls the blanket over himself, and the second is not satisfied with this. Here is an example.
That's what happens on the forum, not physics with chemistry
Fossapup OS, Ryzen 5 3600 CPU, 64 GB RAM, GeForce GTX 1050 Ti 4 GB, Sound Blaster Audigy Rx with amplifier + Yamaha speakers for loud sound, USB Sound Blaster X-Fi Surround 5.1 Pro V3 + headphones for quiet sound.
- rockedge
- Site Admin
- Posts: 6521
- Joined: Mon Dec 02, 2019 1:38 am
- Location: Connecticut,U.S.A.
- Has thanked: 2727 times
- Been thanked: 2614 times
- Contact:
Re: Okay. So, just how secure IS Overlayfs....?
Examples should be simple and fun
I think it is. And calling it nonsense is the same as a direct insult or not Komrade Grey?
a simple lack of skills in communicating in English? I don't think that is it at all, is it user Grey?
- Grey
- Posts: 2023
- Joined: Wed Jul 22, 2020 12:33 am
- Location: Russia
- Has thanked: 76 times
- Been thanked: 376 times
Re: Okay. So, just how secure IS Overlayfs....?
I have never been a member of the Communist Party. By the way, I have never been a member of ANY party at all, I am not a member and I do not plan to
It's just that some forum topics resemble a party meeting and they need to be diluted somehow cheerfully
Fossapup OS, Ryzen 5 3600 CPU, 64 GB RAM, GeForce GTX 1050 Ti 4 GB, Sound Blaster Audigy Rx with amplifier + Yamaha speakers for loud sound, USB Sound Blaster X-Fi Surround 5.1 Pro V3 + headphones for quiet sound.
- wiak
- Posts: 4074
- Joined: Tue Dec 03, 2019 6:10 am
- Location: Packing - big job
- Has thanked: 65 times
- Been thanked: 1204 times
- Contact:
Re: Okay. So, just how secure IS Overlayfs....?
ozsouth wrote: ↑Sat Jul 29, 2023 8:24 amI guess I've tried to prepare for the eventual demise of aufs, by gaining some understanding of overlayfs. I make kernels that can do both for now. I have made overlay-only to try. Biggest issue for many puppians is that sfs's don't work exactly the same. I can live with the workarounds, but many can't. I don't have the smarts to maintain aufs. I mostly run puppy only when I'm developing something. I've also set up Chrome Flex as a dual boot with puppy on 1 pc & I'm posting on a Chromebook now. I want instant options if/when things go pear-shaped in aufs, Xorg or whatever, so these other options are insurance.
The choice of aufs or overlayfs hardly matters to the definition and development of what is Puppy. Security issues of both are maintained by their upstream developers.
More recent Puppy designs (in particular those Debian/Ubuntu variants produced by dimkr) have totally led the way in Puppy development (despite woof-CE); the old voices that stick in the mud and object to change such as, not so important right now one way or the other aufs, JWM, Rox and Rox pinboard, X more generally, and Puppy Package Manager are responsible for its likely longer term demise. No big deal in itself - the old distro is old. If they don't want a new version then they may as well abandon ship, per their comments, since it is the users of Puppy that need to step up to the plate and develop it.
Bigger problem is the forum itself which by definition of the "Puppy Linux Discussion Forum" inevitably therefore promotes Puppy Linux as its main drawcard for new membership. Stagnation of Puppy development thus has a knock-on negative effect on all other distros featured here, despite many of these not stagnating at all - but on the whole only Puppy and FatDog have much exposure to the Linux community on the whole outside of this forum. Yes, that can change, but I feel the forum as a place of Linux-related discussion, is actually more important than any of the distros it features really - except that Puppy doesn't seem to be bringing in many new faces. I wonder if 5 years form now it will be the same old voices, including my own - surely we will all be fed up of our well-known opinions and rhetoric by that time?
Puppy Linux releases don't appear out of thin air. That's where woof-CE comes in, which is not part of this forum at all. Yes, there have been recent Puppy releases by dimkr that show Puppy in a new light. In particular, the adoption of official upstream dpkg/apt package management to many groans from many old-timers here. No point fighting the flow, at that stage, was the only opinion I had - PPM processing code remained tightly integrated into woof-CE so might as well let the old-timers still have that alternative despite (actually) the lack of sense really in supporting PPM alongside a much more reliable package management system - but that is Puppy, or at least the Puppy forcefully kept behind via the nostalgic desires for a traditional Puppy shape and form by all too many of its vocal supporters here on this forum. If Puppy dies, frankly, it is their fault. If they abandon ship rather than addressing the development and change required by Puppy then they show their true colours - no distro can develop for longterm future relevance if some of its users are not willing to step up to the plate and do the necessary development work. Nor can a distro be expected to survive if its majority users complain loudly at all attempts to implement necessary change.
I imagine a final decision to accept the removal of PPM would allow for considerable simplification of the woof-CE build system. Yes, it is indeed, as I've said before, nice that Puppy users could always reach for a well-known PPM no matter what Puppy distro they were using, but if that PPM resource ability of all Pups turns out to hold back the development of its build system then you might well be advised to let PPM go altogether, which is clearly a part of woof-CE complexity dimkr (logically) hates. If woof-CE lost that complexity, maybe the distrospec files all become simpler, the build recipes simpler, the likelihood of more Puppy users helping develop and change woof-CE to adopt all the new technologies without complaint, increase. As for those that would then 'jump ship' - what problem is that to this overall forum or to Puppy itself; it is the old Puppy nostalgia that holds Puppy back to some year in the early 2000's when it was indeed in its heyday. I have little doubt that it was complex to hack in all the Wayland support and more the way woof-CE is currently designed; simplify it, accept the inevitability of change, and perhaps five years from now this forum will have many new voices and faces, who actively champion the new Puppy system they are supporting. The "Puppy Linux Discussion Forum" appears certain to die or become irrelevant if such change (of design and attitude in support of change) does not happen. And yes, that will effect all distros this forum features since most other distros developed here (excepting perhaps FatDog) do not promote themselves in any way elsewhere and so rely on the highly promoted Puppy Linux itself to attract in new membership - some of whom eventually notice and also try out the alternatives.
I don't otherwise think any distro here is particularly important overall - it is the forum as an attractive place to discuss and collaborate about issues of Linux-related technology that I would miss (though not, sorry, when the faces and voice here, remain the old ones such as mine). The distros are interesting in concept, all of them however, and that to me helps make this forum an interesting place with novel ideas and implementations - as Puppy itself once was back in the pre-woof-CE days of early 2000s. PPM was certainly an interesting 'beast', but beast it is and that experiment should be long over, and woof-CE no longer just a way to keep generating traditional Pups in complex inflexible manner - time to remove the complex PPM code integrated into that and look towards modularising and simplifying woof-CE to encourage new contributors who do not stick in the old mud of PPM, JWM, Rox/Rox-pinboard, X-windows, or even aufs versus overlayfs (either of which remain usable options actually). A modular enough build system allows for alternative Desktop environments and filemanagers and so on without irrelevant and destructive groans and complains from old timers. But, I suspect, it is time to at last vote to remove PPM altogether - it is not only NOT actually needed, it is probably a weight around Puppy's neck and a coded complication that woof-CE as a build system would benefit from losing.
https://www.tinylinux.info/
DOWNLOAD wd_multi for hundreds of 'distros' at your fingertips: viewtopic.php?p=99154#p99154
Αξίζει να μεταφραστεί;
- Grey
- Posts: 2023
- Joined: Wed Jul 22, 2020 12:33 am
- Location: Russia
- Has thanked: 76 times
- Been thanked: 376 times
Re: Okay. So, just how secure IS Overlayfs....?
It was touching and nostalgic. Heartfelt. Honestly.
But let's get back to reality. A young man who has just bought a terabyte NVME SSD with NVM Express technology is approaching you. "Uncle Wiak, why do I even need these layers in the system, these PPM and so on, if I can put something popular on the entire disk and you still suggest using a ready-made APT?!"
What will you answer? I say right away - I don't have an answer strategy. What do you propose to say in response in such cases? A long speech with dry teachings or something else?
Fossapup OS, Ryzen 5 3600 CPU, 64 GB RAM, GeForce GTX 1050 Ti 4 GB, Sound Blaster Audigy Rx with amplifier + Yamaha speakers for loud sound, USB Sound Blaster X-Fi Surround 5.1 Pro V3 + headphones for quiet sound.
-
- Posts: 2415
- Joined: Wed Dec 30, 2020 6:14 pm
- Has thanked: 53 times
- Been thanked: 1199 times
- Grey
- Posts: 2023
- Joined: Wed Jul 22, 2020 12:33 am
- Location: Russia
- Has thanked: 76 times
- Been thanked: 376 times
Re: Okay. So, just how secure IS Overlayfs....?
dimkr wrote: ↑Sun Jul 30, 2023 7:00 amWorking on it, https://github.com/vanilla-dpup/woof-CE ... 0.x#readme
Support for plain ALSA and PulseAudio is gone. Only PipeWire is supported.
In recent versions, PipeWire has started behaving correctly with my zoo of sound cards. Before that, it was only in ALSA that I managed to make sure that the cards did not change their order. That's why I've already switched to PipeWire.
Support for X.Org and tools that modify xorg.conf is gone. Only Wayland is supported.
And here's the rub. My drivers aren't ready for such feats yet.
Fossapup OS, Ryzen 5 3600 CPU, 64 GB RAM, GeForce GTX 1050 Ti 4 GB, Sound Blaster Audigy Rx with amplifier + Yamaha speakers for loud sound, USB Sound Blaster X-Fi Surround 5.1 Pro V3 + headphones for quiet sound.
- Grey
- Posts: 2023
- Joined: Wed Jul 22, 2020 12:33 am
- Location: Russia
- Has thanked: 76 times
- Been thanked: 376 times
Re: Okay. So, just how secure IS Overlayfs....?
increase compatibility with Debian
The Puppy way of doing things is replaced with the upstream distro way of doing things
because this breaks compatibility with the upstream distro
Some core Puppy scripts that override the upstream distro are moved
@dimkr If I were you, I would rebrand and change the wording This can scare away old users, and push new ones to use the upstream
Fossapup OS, Ryzen 5 3600 CPU, 64 GB RAM, GeForce GTX 1050 Ti 4 GB, Sound Blaster Audigy Rx with amplifier + Yamaha speakers for loud sound, USB Sound Blaster X-Fi Surround 5.1 Pro V3 + headphones for quiet sound.
-
- Posts: 2877
- Joined: Fri Jul 31, 2020 3:37 am
- Has thanked: 2197 times
- Been thanked: 871 times
Re: Okay. So, just how secure IS Overlayfs....?
My take on why to use a "frugal" distro, as I stated earlier is simple. Why not install frugally and be able to install multiple distros on a single partition? The versatility and portability is the selling point to me.
Rather than have a traditional OS that resides on a single machine or partition, that is difficult to roll back if things break, or is difficult to maintain multiple versions side by side, difficult to copy exactly to a different machine, why wouldn't I want to be able to use a distro install method that allows me the flexibility of having three variant copies of a "popular" distro's upstream capabilities on a single partition that I can just copy to a usb stick and move somewhere else in 5 minutes?
All with the capability of remastering into an immutable layer as my starting point? The layerd file approach still rocks for that reason.
After 9 months of developing KLV-airdale, I remastered, and this is remaster is a starting point that I can put anywhere and simply type xbps-install -Syyu in a terminal to have a completely up to date void system.
This portable/reproducible flexibility I think is in keeping with the original BK-puppy vision. The need to keep it "ultra-small" by using a lot of home grown puppy-utilities/package-management is not so necessary or desirable any more with the availability of storage, though backward compatibility for older machines may still be a desired goal, it seems that those kinds of systems could still be woofed and available by those willing and able to learn woof, which I may attempt to do soon as time permits. I'm going to start with firstrib because I think it will be easier for me personally.
geo_c
Old School Hipster, and Such
- wiak
- Posts: 4074
- Joined: Tue Dec 03, 2019 6:10 am
- Location: Packing - big job
- Has thanked: 65 times
- Been thanked: 1204 times
- Contact:
Re: Okay. So, just how secure IS Overlayfs....?
Grey wrote: ↑Sun Jul 30, 2023 8:08 amincrease compatibility with Debian
The Puppy way of doing things is replaced with the upstream distro way of doing things
because this breaks compatibility with the upstream distro
Some core Puppy scripts that override the upstream distro are moved@dimkr If I were you, I would rebrand and change the wording This can scare away old users, and push new ones to use the upstream
The ones that might be frightened away would probably be best frightened away.
I had a look at the github page. Yes some old Puppy users with some amount of technical knowledge would probably look at the description and think the result was not a Puppy at all but, because it used debootstrap, really a DebianDog. However, on closer inspection, actually it is a Puppy Linux - just look at the init and anyone with sufficient technical knowledge about Puppy should realise that.
Fact is, if PPM is removed and dpkg/apt the chosen package manager, the help of debootstrap during the build stage, does not make a distro not a Puppy Linux. DebianDogs are not at all the only distros that use debootstrap at the initial part of their builds - Debian creates debootstrap, not DebianDog. And it makes sense IMO to use debootstrap when final distro uses dpkg/apt for package management - saves messing around trying to include all the correct dependencies and dpkg/apt database organisation for that to work properly - that's what debootstrap provides foremost and correctly provides for you anyway, so why fudge something as important as package manager inclusion by some do-it-yourself mechanism? Overlayfs rather than aufs (as I said) is not important overall in terms of what could be defined as Puppy Linux or not - it is well known here that alternative mechanisms can handle sfs load on the fly.
So do I think the result is a version of Puppy Linux. Yes I do.
And does it look to me more efficiently maintainable and able to be upgraded according to advances in technology. I have no doubt that is true.
Nothing more to say about it really except I have no doubt a Void Linux version could easily be incorporated/added as an alternative build (and actually there are bootstrap scripts for Arch Linux as well - which, actually, we employ in FirstRIb Kennel Linux builds (though there are several ways to crack the nut). But dimkr's distro is neither DebianDog, nor FirstRib type creations - both of these tend to be closer to upstream depending on the particular build extras added to the build script plugins. Dimkr's described distro instead holds onto the key Puppy initrd and major Puppy system control scripts - it's Puppy Linux - no doubt about that. And, yes, there is surely no reason it couldn't do well in the years to come, yet still be Puppy Linux, whereas existing traditional PPM-cored JWM/Rox/X-based Puppy hasn't a hope in hell of remaining relevant for more than a year or two more.
Some might say that any distro that can't install a dotpet can't be Puppy Linux. Actually FatDog team also realised that is irrelevant and not a way to define any distro. In fact other distros on the forum can also install most traditional dotpets (which are often quite simple but utility apps in the form of yad or gtkdialog frontends to underlying commandline utilities such as ffmpeg) - just a matter of converting them into .deb package form in practice.
https://www.tinylinux.info/
DOWNLOAD wd_multi for hundreds of 'distros' at your fingertips: viewtopic.php?p=99154#p99154
Αξίζει να μεταφραστεί;
- Grey
- Posts: 2023
- Joined: Wed Jul 22, 2020 12:33 am
- Location: Russia
- Has thanked: 76 times
- Been thanked: 376 times
Re: Okay. So, just how secure IS Overlayfs....?
As I thought. Wiak did not answer the post intended for him, but answered the post for dimkr. And even in this case, the post is NOT about whether the project can be called Puppy Linux at ALL.
Fossapup OS, Ryzen 5 3600 CPU, 64 GB RAM, GeForce GTX 1050 Ti 4 GB, Sound Blaster Audigy Rx with amplifier + Yamaha speakers for loud sound, USB Sound Blaster X-Fi Surround 5.1 Pro V3 + headphones for quiet sound.
-
- Posts: 2415
- Joined: Wed Dec 30, 2020 6:14 pm
- Has thanked: 53 times
- Been thanked: 1199 times
Re: Okay. So, just how secure IS Overlayfs....?
IMO the attempt to find the minimum set of conditions a distro must meet to be called "Puppy Linux" is a waste of time, just like the attempt to resist the switch away from hard dependencies with short shelf life (like aufs) and unmaintained software (like ROX-Filer and PPM).
-
- Posts: 331
- Joined: Tue Nov 22, 2022 9:11 pm
- Location: Canada
- Has thanked: 186 times
- Been thanked: 52 times
Re: Okay. So, just how secure IS Overlayfs....? (hijacked into a general discussion about anything & everything!)
IMO Puppy is an idea...a smaller portable OS that is ready to go OOTB
You can browse, play music and videos, write a document or spreadsheet and print. The software that makes that up doesn't matter as long as it works!
-
- Posts: 1546
- Joined: Sun Jul 12, 2020 2:38 am
- Location: S.E. Australia
- Has thanked: 241 times
- Been thanked: 684 times
Re: Okay. So, just how secure IS Overlayfs....? (hijacked into a general discussion about anything & everything!)
If Puppy dies, frankly, it is their fault. If they abandon ship rather than addressing the development and change required by Puppy then they show their true colours - no distro can develop for longterm future relevance if some of its users are not willing to step up to the plate and do the necessary development work.
True, but I guess fear of the unknown affects some of us old-timers. Whilst that shouldn't rule future directions, it means Puppy is getting away from our 'comfort zone', such that other options don't look so daunting as they did years ago. As Barry said a few weeks ago, maybe when things change too much & we older guys struggle to adapt, we look at our choices. Despite the development I've done over that last couple of years, I'm definitely at the limit of my ability & am making mistakes I wouldn't have made 10 years ago. It's taken me 20 goes to get my fossa64 project fairly right. I could wind up being another passenger. So I feel the ship may be sailing without me. Then one tends to look for a liferaft.
- bigpup
- Moderator
- Posts: 6971
- Joined: Tue Jul 14, 2020 11:19 pm
- Location: Earth, South Eastern U.S.
- Has thanked: 898 times
- Been thanked: 1520 times
Re: Okay. So, just how secure IS Overlayfs....? (hijacked into a general discussion about anything & everything!)
Getting back somewhat to the subject of the topic.
How secure is an exec file getting downloaded, that has all kinds of sudo this or that in it?
I know, Puppy does not need sudo, but the command(s) is still going to execute.
I do not think, a hacker is going to make something specifically to execute, in Puppy
The things you do not tell us, are usually the clue to fixing the problem.
When I was a kid, I wanted to be older.
This is not what I expected
- wiak
- Posts: 4074
- Joined: Tue Dec 03, 2019 6:10 am
- Location: Packing - big job
- Has thanked: 65 times
- Been thanked: 1204 times
- Contact:
Re: Okay. So, just how secure IS Overlayfs....? (hijacked into a general discussion about anything & everything!)
bigpup wrote: ↑Sun Jul 30, 2023 11:18 pmGetting back somewhat to the subject of the topic.
How secure is an exec file getting downloaded, that has all kinds of sudo this or that in it?
I know, Puppy does not need sudo, but the command(s) is still going to execute.
I do not think, a hacker is going to make something specifically to execute, in Puppy
That's a completely different topic to me. In discussions about overlayfs security, aufs is almost certainly going to come up and such discussions here are always concerned with traditional pup aufs usage versus moves towards using overlayfs.
However, sudo has no security risk really beyond the sudo permissions given to particular normal users. If user not assigned to sudoers group then no use to them. If assigned then they can only do what they have been given permissions to do, sometimes needing password if so required. But yes, if user able to run commands as root ia sudo then the sudo commands in script will have that power, but depending how sudo provided maybe needing password.
https://www.tinylinux.info/
DOWNLOAD wd_multi for hundreds of 'distros' at your fingertips: viewtopic.php?p=99154#p99154
Αξίζει να μεταφραστεί;
- wiak
- Posts: 4074
- Joined: Tue Dec 03, 2019 6:10 am
- Location: Packing - big job
- Has thanked: 65 times
- Been thanked: 1204 times
- Contact:
Re: Okay. So, just how secure IS Overlayfs....? (hijacked into a general discussion about anything & everything!)
G... we call it 'not taking the bait'
https://www.tinylinux.info/
DOWNLOAD wd_multi for hundreds of 'distros' at your fingertips: viewtopic.php?p=99154#p99154
Αξίζει να μεταφραστεί;
- mikewalsh
- Moderator
- Posts: 6139
- Joined: Tue Dec 03, 2019 1:40 pm
- Location: King's Lynn, UK
- Has thanked: 787 times
- Been thanked: 1970 times
Re: Okay. So, just how secure IS Overlayfs....? (a wider discussion about future Puppy development)
This probably isn't the best place to pose such a question, and as such more than likely merits its own thread. However; in the light of the last several replies - disregarding those from a certain member who never quite seems to be on the same wavelength as the rest of us! - I, for one, would still like to pose it:-
What makes a "Puppy" that is still relevant in today's modern climate.......and which will continue to remain relevant for the future?
To me, @d-pupp 's reply seems to encapsulate the whole thing better than most:-
.....and is ably supported by @geo_c 's well thought-out and crafted replies (most of which I thoroughly agree with):-
viewtopic.php?p=95084#p95084
viewtopic.php?p=95129#p95129
I'm more than willing to split this off into its own thread if others feel it to be warranted. To some extent, we seem to have got the bit between our teeth with regards to this subject, and I feel the momentum now needs to be maintained.
To me, also, Puppy is more of a 'concept' than it is a hard & fast collection of "rules" & "conditions" which should never be deviated from. Isn't Linux supposed to be all about flexibility, anyway? So long as it allows me to do what I've always used Puppy for, what does it matter how the underlying mechanisms function? After all, most users don't care one way or the other, so long as it works for them. I've said it before, and I'm going to say it again; any OS, purely on its own, is ultimately a means to an end......doubtless I'll upset the developers by saying this, but an OS is NOT the "be-all and end-all" by itself. At the end of the day, it's what you can use it to DO that counts.
I think even our assorted devs will agree with that.....
Gawd, that sounds like my own oft-stated comparison between Linux and Windows, doesn't it?
Mike.
- Grey
- Posts: 2023
- Joined: Wed Jul 22, 2020 12:33 am
- Location: Russia
- Has thanked: 76 times
- Been thanked: 376 times
Re: Okay. So, just how secure IS Overlayfs....? (a wider discussion about future Puppy development)
The first renaming of the topic (in parentheses ) was more interesting. It's not so interesting in parentheses right now. And now I don't even want to continue
Fossapup OS, Ryzen 5 3600 CPU, 64 GB RAM, GeForce GTX 1050 Ti 4 GB, Sound Blaster Audigy Rx with amplifier + Yamaha speakers for loud sound, USB Sound Blaster X-Fi Surround 5.1 Pro V3 + headphones for quiet sound.
- wiak
- Posts: 4074
- Joined: Tue Dec 03, 2019 6:10 am
- Location: Packing - big job
- Has thanked: 65 times
- Been thanked: 1204 times
- Contact:
Re: Okay. So, just how secure IS Overlayfs....? (hijacked into a general discussion about anything & everything!)
Yes, that's the effect of change on everyone and especially I think those who are getting older - the new never feels comfortable - and hence nostalgia for the imagined comfort of the past. Unfortunately, it is also in the nature of beingh alive that change occurs relentlessly and whilst it is possible to ignore change (for example, some old religious communities in US chose to avoid all modern machinery and stick to horses and carts), the majority have to adapt to change in order to effectively survive since the result of change rules the environment we live in. The cashless society, for example. As a human, my inclination is to avoid change as much as possible too, but I try to ignore that natural impulse I have because I also find that forcing myself to go along with new ideas and learn new 'tricks', within my ability to keep doing so, somehow keeps me feeling more alive. Perhaps that is because the state of 'no change' is somehow associated with 'death'?
https://www.tinylinux.info/
DOWNLOAD wd_multi for hundreds of 'distros' at your fingertips: viewtopic.php?p=99154#p99154
Αξίζει να μεταφραστεί;
- Grey
- Posts: 2023
- Joined: Wed Jul 22, 2020 12:33 am
- Location: Russia
- Has thanked: 76 times
- Been thanked: 376 times
Re: Okay. So, just how secure IS Overlayfs....? (a wider discussion about future Puppy development)
Well, this is no good, the beginning was about life and the future, and the end was about death. Everything will be fine (not for everyone, but there will be - a little black humor from me too).
In general, there is nothing much to talk about the future. There is one developer. He has a lot of ideas and he doesn't know what he will come up with tonight or tomorrow. Many aspects are decided not even by him, but by Debian.
What is there to decide? 10 pages to argue again which project to declare the main and most promising?
The verdict of aufs has already been passed, most of the permanent forum participants will vote for its annihilation. Everything seems clear.
If there is a vote (aufs), then I ask you to consider me abstaining (and also neutral and cunning).
Fossapup OS, Ryzen 5 3600 CPU, 64 GB RAM, GeForce GTX 1050 Ti 4 GB, Sound Blaster Audigy Rx with amplifier + Yamaha speakers for loud sound, USB Sound Blaster X-Fi Surround 5.1 Pro V3 + headphones for quiet sound.
-
- Posts: 2415
- Joined: Wed Dec 30, 2020 6:14 pm
- Has thanked: 53 times
- Been thanked: 1199 times
Re: Okay. So, just how secure IS Overlayfs....? (hijacked into a general discussion about anything & everything!)
Look at this list: https://www.cvedetails.com/vulnerabilit ... -Sudo.html. CVE-2023-22809 is a pretty nasty vulnerability.
The presence of sudo is a risk, because your version of sudo may include a vulnerability (known or not-yet-known) that allows users to bypass the given permissions and perform actions you didn't allow explicitly. For example, in the case of CVE-2023-22809, edit arbitrary files and add commands to a script that eventually runs as another user. And even if your version is sudo is no longer vulnerable to CVE-2023-22809, there will be more CVEs in sudo, considering its widespread use and the long history of interest from attackers and researchers.
I think aufs is even worse from a security standpoint, because it's hardly used. Few people look for aufs vulnerabilities, because it's not part of popular distros like Android, Chrome OS or Ubuntu. Therefore, it may contain issues like the recent overlay CVEs, but nobody will find them and nobody will fix them. Yet, it's included in Puppy, and it's not something you remove or turn off easily (like sudo).
- wiak
- Posts: 4074
- Joined: Tue Dec 03, 2019 6:10 am
- Location: Packing - big job
- Has thanked: 65 times
- Been thanked: 1204 times
- Contact:
Re: Okay. So, just how secure IS Overlayfs....? (hijacked into a general discussion about anything & everything!)
dimkr wrote: ↑Mon Jul 31, 2023 5:58 amLook at this list: https://www.cvedetails.com/vulnerabilit ... -Sudo.html. CVE-2023-22809 is a pretty nasty vulnerability.
The presence of sudo is a risk, because your version of sudo may include a vulnerability (known or not-yet-known) that allows users to bypass the given permissions and perform actions you didn't allow explicitly.
That's a different matter I wasn't alluding to. Any and all code can have vulnerabilities that are not part of their intended design. All code needs maintained and security issues constantly addressed - that is a given.
https://www.tinylinux.info/
DOWNLOAD wd_multi for hundreds of 'distros' at your fingertips: viewtopic.php?p=99154#p99154
Αξίζει να μεταφραστεί;
-
- Posts: 716
- Joined: Tue Aug 11, 2020 3:02 pm
- Location: The Pale Blue Dot
- Has thanked: 124 times
- Been thanked: 401 times
Re: Okay. So, just how secure IS Overlayfs....? (a wider discussion about future Puppy development)
Let's put more fuel to the fire so we all can have a bonfire, shall we?
1. "Puppy Linux" is not an idea. It's not a concept. It's not a set of requirements like aufs, PPM, etc. It is not something so nebulous that can be defined to be anything that anyone wants it to be.
"Puppy Linux" is a brand.
And what "Puppy Linux" is, will be defined by its brand owner.
Just like Firefox. You can download firefox source code, and compile it, and distribute it. But can you call your product as Firefox? No, you cannot. Because Firefox is a brand. Only the brand owner decides what is and isn't a Firefox.
Same as PaleMoon. You can download and build and distribute their browser. But not under the name PaleMoon. They decide what can and cannot be called as PaleMoon.
Same as EasyOS. You can download the EasyOS builder from Barry's github repo. You can build your own version of EasyOS. Can you call it EasyOS? No. Only Barry's build is called EasyOS. Because it is his brand.
2. Then who is "Puppy Linux" brand owner? Who can decide that a distro is a Puppy? In the past, it used to be Barry himself. But since he stepped down, he handed over the authority to the "stewards".
3. The "stewards" have decided to be called a Puppy Linux, a distro has to be created using Woof-CE. They have also decided that among the many variations of Puppy Linuxes, some of them will be called "official" and that this will represent the "Puppy Linux" brand in other places, such as distrowatch etc.
4. You don't like aufs is being removed from Puppy? Or perhaps PPM is your bone of contention and you want it out instead? Or anything else you find unsatisfactory? If anyone who wants to make changes to Puppy Linux, one has a few options:
a) contribute to Woof-CE and implement the change you want there.
b) be a friend with one of the Puppy devs who contributes to Woof-CE and have him/her implement your changes there.
c) be a friend with one of the Puppy devs who builds Puppy from Woof-CE, and try to get your changes in his/her particular build of Puppy.
d) Become a Puppy LInux steward and declare that from now onwards Puppy Linux is just an idea and everyone can call anything Puppy Linux.
5. Final point: anybody who questions the "stewardship" model of Puppy Linux - let me ask you a few questions. Where were you when Barry stepped down from Puppy? Did you try to keep Puppy Linux alive back then? Did you try to keep the development alive? Did you try to clear up the confusion of what would happen after Barry stepped down? Where were you? What did you do?
The people who are now called the "stewards" were the people who kept going with Puppy despite sudden loss of the leadership. They took the initiative to keep Puppy Linux alive. It was only when Barry saw that these people, and decided to trust them as the caretaker of Puppy Linux, going forward. None of these stewards wanted to become one, or asked to become one. In fact, they reluctantly agreed to become one, only because Barry asked. When they did what they did, it was only because of their love of Puppy Linux. Not for control, glory, or something sinister like that.
Now, times is a changing. People's life changed. Some stewards have disappeared from circulation, some has become inactive, some only shows up every now and then, because of life's situation. Perhaps, you think you can be a better steward than the current ones? Well raise your hand, roll up your sleeves, and show love for Puppy, by contributing to Woof-CE, maintain websites, etc.
Be the change that you want. Be the future of Puppy Linux. Don't demand. Just 'do'.
- wiak
- Posts: 4074
- Joined: Tue Dec 03, 2019 6:10 am
- Location: Packing - big job
- Has thanked: 65 times
- Been thanked: 1204 times
- Contact:
Re: Okay. So, just how secure IS Overlayfs....? (a wider discussion about future Puppy development)
An odd thing about this so-named "Puppy Linux Discussion Forum" is that being a member of it indeed does not provide any of its members any actual control or say in what direction that distro named Puppy Linux takes or doesn't take - whether woof-CE users or stewards there pay any attention to what they read on our forum here is entirely up to them. Pity it hadn't been called 'X', so many things seem to be branded 'X' nowadays...
As far as I understand it (not that I care), by their own decision and rules, only these few who became, or through invitation or whatever become stewards of that git website, woof-CE, actually have anything formal to do with their 'officially branded' distro variant. I don't even think all woof-CE stewards have chosen to become members of this forum here - so I don't really know why this forum is considered official. What does 'official' mean in that situation where it's also true that some members who use this forum for their discussions and for feedback on their projects have no interest in woof-CE, and so on.
In that sense I suppose it is a waste of time any people here (those who are interested in using the distro Puppy Linux) discussing what should go into that distro or what its future should be or anything much about it really from this venue. The place to discuss these matters would, I understand from above posts, be on woof-CE and anyone can raise 'issues' there if they know how to log in to github and use it. Yes, I think it might be good if those who wish to discuss future of Puppy Linux would do that on Puppy Linux development site and not here. Why don't you all ask to be appointed as stewards? Oh well, up to you and them - doesn't matter really.
I've noted the point and said it before too: this site is not woof-CE. Some other distros featured in this forum's discussion threads, were worked on and created in line with the discussions that those who worked on them had here on the forum - nothing at all to do with the distro Puppy Linux sometimes; not in other words from any other XXX-CE site with some other team of appointed-stewards or any other, irrelevant really in opensource world, hierarchy of leadership and 'brand ownership'.
I suppose it is just a different approach and way of doing things, involving others (or not), and organising such matters. Some distros feel no need for appointed stewards I guess, and are just released for anyone on the forum to discuss, provide feedback, use, and make contributions, and so on.
Truth is, anyone can read how Linux works, and spend enough time becoming capable enough to make their own distro(s), given sufficient time and interest to do that - lots of people have done it - there are no gods or kings in Linux really, no one that anyone actually needs or deserves worship or esteem. There are lots of great Linux projects, made by tons of different people, and that is great, and good for them, but also lots of people who like using Linux but don't necessarily have any interest in developing projects of their own, which is also fair enough.
https://www.tinylinux.info/
DOWNLOAD wd_multi for hundreds of 'distros' at your fingertips: viewtopic.php?p=99154#p99154
Αξίζει να μεταφραστεί;