Linux and Security

When it comes to installing software, security is something we should talk about. I've already said that you should know where your software is coming from, but that is only part of the consideration. That's why I'm going to clear up some bad press Linux gets when it comes to installing software.

In the Windows world, it is frighteningly easy to infect your PC with a virus or a worm. All you have to do is click on an email attachment, and you could be in trouble. With some email packages under Windows, it does the clicking for you and by being so helpful, once again, you could be in trouble. You won't find many Linux packages provided as simple executables (.EXE files and so on). Security is the reason. To install most packages, you also need root privileges. Again, for security reasons. Linux demands that you be conscious of the fact that you might be doing something that could hurt your system. If an email attachment wants to install itself into the system, it will have to consult the root user first.

Package managers, such as rpm (the RPM Package Manager) or Debian's dselect and apt-get, perform checks to make sure that certain dependencies are met or that software doesn't accidentally overwrite other software. Those dependency checks take many things into consideration, such as what software already exists and how the new package will coexist. Many of you are probably familiar with what has been called DLL hell, where one piece of software just goes ahead and overwrites some other piece of code. It may even have happened to you. Blindly installing without these checks can be disastrous. At best, the result can be an unstable machine?at worst, it can be unusable.

Installing software under Linux may take a step or two, but it is for your own good.

Searching for Common Ground

Every major Linux vendor wants to make the Linux experience as wonderful as possible, particularly when it comes in installing software packages. Consequently, almost everyone has a software installation tool that they have tweaked to make the user experience as simple as possible, a tool that deals with package dependencies easily.

SuSE provides YaST2. Mandrake has RpmDrake (or the command-line urpmi). Lindows has its Click-N-Run service. As you can see, there are many alternatives. In this chapter, however, I'm going to try to be release-agnostic and cover those tools that should be in almost any distribution.

Let's start this exploration with KDE's own package manager, kpackage.



In the initial release of Red Hat 8.0, kpackage was not compiled into the kdeadmin package (of which kpackage is part). If you are working with this release and kdeadmin has not yet been updated by the time this book is released, there is still a way. When you find a package you want (while surfing with Konqueror), click the one you want to install and click Open when Konqueror asks whether you want to open using Install Packages.