Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Ubuntu versions



On 6/17/07, Tom Metro <blu-5a1Jt6qxUNc at public.gmane.org> wrote:
> I haven't installed Ubuntu Server, but Debian variations are typically
> implemented simply by tweaking the installer to load a different set of
> core packages. The biggest practical difference is that there are
> different packages supplied on the CD/DVD.

The packages are mostly the same.  The difference is in the kernel mainly...

> Yes. In the same way you can swap packages to turn Ubuntu into Kubuntu,
> you should be able to load any desktop packages onto the server and vice
> versa.

Correct...

> However, the server distribution may be based off of an older Ubuntu
> release (I haven't checked - it should be clear from the version number
> or release name). That means if you install the server version, you
> won't have access to the cutting-edge versions of desktop applications
> (unless you find backports).

Not true.  The server version is released in coordination with every
desktop release, so you can run Ubuntu Feisty (7.04) server right now
if you like.  And if later you decide you want the desktop version,
you can install the -generic kernel (removing the -server kernel) and
install one of the many -desktop packages.  Then you are left with
essentially the official desktop release...

> I'd say if you want long term stability and minimal security risk, use
> the server version. But if the machine is really going to be used as a
> desktop, while doing occasional server work, go for the desktop version.
> If you want to get fancy, maybe install desktop, and run the server
> version in a virtual machine, so it can be highly locked down.

The are glaring vulnerabilities in Xorg, due to the nature of such
large code bases.  If you have local users on the server, I wouldn't
recommend a GUI, since those bugs are easy to elevate privileges from.
 Of course, no software is 100% secure, but you want to lower your
attack surface if you are concerned about security.  If a GUI is
necessary to the usage of the machine, then you can try to harden it
with grsecurity, PaX, SELinux, AppArmor, or any of the various other
security add-ons.  The choice is up to you...
-- 
Kristian Hermansen

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.







BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org