[Comm] [JT] ututo-e / gentoo

[Michael Shigorin <mike@osdn.org.ua>]

	Hi!
Вот ещё один образец того, что порой откладывается в библиотечку.

Обычно при этом проводится сопоставление -- "а насколько это
относится к нам?".

-----------------------------------------------------------------

Despite the time the installation process spent optimizing the
system for the processor, performance seemed much the same
regardless of whether I used the 486, 686, or Athlon XP-optimized
CD images. I found a larger performance gain when I reduced the
number of desktops from four to one.

[...]

Ututo-e security standards are mixed. On the positive side, the
distribution uses multiple system accounts. That is, in addition
to the usual root account, Ututo-e uses a number of specialized
user accounts, each with a name that suits its specific purpose
-- for example, daemon, cron, and portage. With the use of each
system account narrowly defined, crackers cannot break into the
system by obtaining a single password. User groups are defined
with similar narrowness, so much so that if you create additional
everyday accounts, you need to add them to additional groups
before they have the same access as the ututo user account
created automatically during installation.

On the negative side, Ututo-e tells you the system's three basic
account passwords at the start of installation, but makes no
effort to remind users to change them as soon as possible. Since
these passwords are "enter," "enter," and a blank password, this
is a major gap in security.

Other basic lapses in security include the automounting of
diskettes, CDs, and DVDs; a graphical log-in for the root
account; and no enabling of the firewall during installation. The
distribution would also benefit from following some of the
suggestions in the Gentoo Security Guide, such as placing
directories to which users will write on a separate partition,
using grpquota and usrquote settings to define drive mounting in
/etc/fstab, and installing cracklib to prevent easily-guessable
passwords.

Many of these security weaknesses, of course, have become
standard in modern distributions. However, they stand out more in
Ututo-e more than usual because of the obvious thought that
Ututo-e's developers put into the multiple system accounts.
Having taken this advanced precaution, they seem to have
overlooked the elementary ones.

[...]

In addition, the English version has problems of its own. The
English is often non-idiomatic, with such menus as "Configuring
the distribution of its keyboard" and "Menu of handling of
partitions." Phrases like these can usually be interpreted
without much effort, but the awkwardness lessens the
professionalism of the distribution. A far more annoying problem
in the English version is the series of keyboard mapping errors
you receive when GNOME is starting up. These seem to point to
larger problems, because, if any attempt is made to change the
mapping, the system hangs and reverts to Spanish on rebooting.
Even worse, the English version points by default to a Spanish
package repository, and I could find no mention of an English one
in the operating system or on the distro's web site.

http://os.newsforge.com/article.pl?sid=05/04/21/195224&from=rss

Ututo is useless... (Score:0)
By Anonymous Reader on 2005.04.29 6:46 (#111592)
Ututo-e is the worst thing to have happened to the Free software
community in Argentina.

The people creating ututo-e are a bunch of lunatics that will let
the opportunity to move a whole school or city to GNU/Linux slip,
if the city insist that the kids have flash or other non-free
software installed.

Besides this, they discouraged potential linux users from trying
a real working linux distribution such as Suse or Mandrake.
Instead, they recommend their non-working piece of shit and leave
the potential user with a bad taste in the mouth.

If they had a working product, I'd be more than happy to
recommend them. But they don't.The distribution sucks and the
only thing that has brought them any notorierity is Stallman's
shallow endorsement. Why is it shallow? Because he doesn't use it
himself.

Yet the first thing these guys tell you is that Ututo is the one
and only true linux distribution because RMS said so, when the
thing doesn't even work.

And to those that may misconstrue my words, I respect RMS and all
the work he is done. He is a personal hero of mine. But
alieanting lots of people by subscribing something that is closer
to Slackware 1994 than a real linux distribution or operating
sytem in 2005 is bollocks.

Later.

-- 
 ---- WBR, Michael Shigorin <mike@altlinux.ru>
  ------ Linux.Kiev http://www.linux.kiev.ua/