Talk:Comparison of Windows and Linux/Archive 2

From Wikipedia, the free encyclopedia

This is an archive of past discussions. Do not edit the contents of this page. If you wish to start a new discussion or revive an old one, please do so on the current talk page.
← Archive 1 Archive 2 Archive 3 →

Contents

Removed this section

===Device Drivers=== A common point of argument is over the way Windows handles [[device driver]]s. Since device drivers run in [[kernel space]], unstable drivers can cause system instability in Windows. Linux runs many drivers in userspace, which Linux proponents claim allows Linux systems to remain stable when a driver crashes. Windows advocates often claim that Windows stability has improved and that it is better able to deal with buggy drivers than it once was. Microsoft now certifies and signs drivers from select vendors to guarantee some measure of stability. Users can also protect themselves against poorly written drivers by purchasing quality hardware for systems whose stability is critical. The claim is often made that, if a driver would cause the operating system to crash, having the kernel running serves no purpose since the system will require a reboot anyway. This is often countered by the claim that a skilled user may be able to kill the problem process and recover system stability, or else bring the system to a more graceful halt than would have been caused by a system crash. As of Windows XP, the Windows User-mode Driver Framework allows many non-critical system drivers to run in user-mode, for example most USB hardware would suit a user-mode driver. Due to the kernel model followed by both operating systems (monolithic vs hybrid), it is not possible to run many drivers outside the "kernel" on Windows.

This section was removed from the main body, mostly because it wouldn’t be worth fixing. Most Linux drivers are in Ring-0, as the Wiki page on the kernel even says. A surprising number of non-critical Windows drivers are NOT in kernel mode. For example, printer drivers in NT were kernel mode, but in 2000 they are user mode, with a few kernel mode drivers for backwards compatibility. This section doesn’t cover anything about Kernel mode (version 2) or user mode (version 3) drivers, just seems to think that most drivers are Kernel. Many drivers *MUST* be kernel, for example, cpu drivers (Yes, your cpu has a driver) and your chipset drivers. If it’s user mode or Kernel mode depends on how much direct access is needed. If the driver needs to access something in Ring-0, it’s kernel mode. If it is just accessed *BY* something in Ring-0, it should be user mode (And won’t be signed by MS if it’s kernel mode and doesn’t need to be).

This section is just talk about “people” who claim stuff, and shouldn’t be included in Wiki to begin with. It doesn’t even cover if its an issue with drivers, or hardware, as sometimes it’s not buggy drivers but bad return values of the hardware (Damaged hardware on good drivers can play hell on any system). And the line “Due to the kernel model followed by both operating systems (monolithic vs hybrid), it is not possible to run many drivers outside the "kernel" on Windows.” is bad English, since it says Due to the kernel mode followed by BOTH, it is not possible to run drivers outside the kernel. So because Linux is a monolithic Kernel, my 2K3 box runs it’s drivers as Version2 drivers? To say Windows has drivers in the kernel, and Linux doesn’t, is completely wrong. --Ozzy 98 19:03, 7 June 2006 (UTC)

article structure

i tryed a long time ago to clean myself this page but i was reverted(mabe i deleted all(don't remember well) and i made article structure)


so now that we can clean this article i propose the folowing structure:

  • comon belief(what most people think)...yes it's interesting...
    • windows
      • advantages(games,culture)
      • Limit(viruses,crash...)
    • linux
      • advantages(can't run viruses...)
      • limits(it's dificult,all is in command line...)
  • The reality

->this part would need some technical experts on both system,in order to explain what the reslity is,for example explaining how does linux can get viruses(hacking,trying non trusted things...because most programs are trusted),why windows crashes so often(see react-os website,and driver/hardware related issues)...,we must also explain the diferences inside linux such as the kenrel design guidelines(tecnical but also with the goal that isn't related to windows,a common critisize of bsd people about linux) and the distributions(linuxXP,lindows,xpde(a wm)...) so design issues and evryday reality must be included here,we can also explain distribution and the design guidelines of linux()

    • we can also talk about microsoft reaction(campains(get the facts...=>do not include this inside comon belief...because the comon belief is what people has been thinking for a very long time),haloween docs,sfu,vista...)
    • We also can't avoid talking about microsoft and open-source/free-software we can also folow the same structure for this
    • at the end,as an opening we can talk about others unixes,reactos...


if nobody decides something(sometimes some people talk endlessly on the talk page or ask things that is never added),i'll start to use this(of course i'll wait some time before doing so) while keepin the old informations inside the comon beliedf=>revert me if you don't like it,at the end we could start reviewing the old informations in order to match better the comon belief

Security

"On the security side, Microsoft also argues that its platform is more secure because the Microsoft developers can respond to security issues more quickly and efficiently than the Linux developer community."

This is clearly FUD, as anyone can see at: http://en.wikipedia.org/wiki/Comparison_of_operating_systems_(security)

That's what Microsoft claims, so please leave it be. Rhobite 21:35, Jun 15, 2005 (UTC)
OK, I underestand. Ptomes.
Not forgetting, of course, that no company should be allowed to claim something that isn't true. Their 'platform' is falling because of sloppy development. If you've ever seen Microsoft's coding standards (after seeing Linux Kernel programmers'), you'd be shocked, if it meant anything to you. They can be no means respond more efficiently than Linux developers, but I will say they respond more quickly - mainly due to the fact they need to bugfix Windows every other day. Shame.
Plus, the linux developers don't _NEED_ to fix it as often, because linux has fewer HOLES. Strake

This is rubbish: Linux mightily encourages users NOT to log on as root: GUI logins don't show root as an option; the Mandrake install instructs you never to login as root unless doing admin work; every book on Linux I have ever read says the same thing; in Mandrake 9.2 if you login as root in KDE the background is red instead of the default blue. On Windows my system has two admins, and nowhere am I discouraged from this. Admins are shown as regular users on the login screen. So where does this come from: The percieved difference is likely due to Linux encouraging users to take advantage of its file permissions, whilst Windows tends to encourage users not to run as the computer administrator. Microsoft reccomends users to log on with account that has no administrative credentials and to use "Secondary logon" for doing their administrative tasks rather than using their administrator account for doing daily tasks. --Taejo

Dont forget XP Home (Which may be the most common MS OS) doest have "limited" accounts and almost no computers sellers ship computers with user account set up to have lesser accounts. My thoughts ? Delete this paragraph, not even worth putting on the talk page. --2mcm 06:41, 26 July 2005 (UTC)
I'm pretty sure that XP Home allows you to create limited accounts. I see no reason to remove the paragraph. Rhobite 06:55, July 26, 2005 (UTC)
Ok my mistake i have removed the previous statment. --2mcm 10:40, 26 July 2005 (UTC)
BTW Home wont let you change file permistions through it's GUI interface so you cant restrict limited user from running other programs. --2mcm 03:50, 10 August 2005 (UTC)
Isn't the point that the process won't be able to acquire permission to perform damaging actions, rather than the user not being able to run a potentially damaging process? I believe this is basically due to the fact that Windows uses an ACL-based security system, rather than being an actual vulnerability. —212.20.246.65 18:15, 31 October 2005 (UTC)
Hmm not 100% sure what i was meaning there but i belive it was that if you install a program you can not set the execute-bit ( in unix terms ) to 'deny' for a piticular user. I guess this would be a security issue if you need a program installed for one user to use, while wishing to deny another user access ( for example a BT program if the denied use had a habit of downloading malware via bittorent ( or you happed to have a programme installed which has known security flaws. e.g., IE.. ahem. )). --04:25, 1 November 2005 (UTC)
XP Home won't let you edif file ACLs from the GUI *UNLESS* you're in safemode. You can, however, use cacls from the command prompt, or just boot into safemode. Or install the security manager from NT4 to use on XP Home, this enables it too. The functionality is there, and easy to get to, just hidden from casual view. If you don't know how to set permissions on home, chances are you shouldn't be setting them to begin with. --Ozzy 98 02:27, 7 June 2006 (UTC)

I've added a citation request for the following statement,

"On the security side, Microsoft argues that its platform is more secure because the Microsoft developers can respond to security issues more quickly and efficiently than the Linux developer community"

If MS did not say this, it should to be removed. If MS did say this, it should perhaps be rebutted as IMAO it is not true. One example of it being false is the ping of death attack, which was fixed within 3 hours for the linux kernal [1]. Also Linux releases patches and security fixes every day, while MS waits for patch tuesday, which means anything up to a month wait for exploits that are "in the wild". Linux, especially package based distributions, patch more frequently [2]. --H2g2bob 16:28, 28 May 2006 (UTC)

I take it back, MS would say something like that :-D --H2g2bob 14:45, 30 May 2006 (UTC)
The second tuesday of each month isn't the day ms releases patches, it's the day they update windows update and the files for autoupdate. If you subscribe to the security newsletters you get notified on security patches soon as they are avaliable for download on the site.--Ozzy 98 02:27, 7 June 2006 (UTC)

Before I even start, I'd like to say that this entire article is crap and should be binned. I deleted the part that refers to IIS getting hacked more than Apache, because it's "citation" links to an opinion piece written by a Linux advocate. The actual evidence to show IIS getting hacked more than Apache is from defacement mirrors. The first defacement mirror was maintained by attrition.org back on the late 90's all the way up to ~2001. At that time, many more IIS server compromises were reported to the mirror than Apache defacements. After attrition closed down their mirror, another site, zoneh.org, started mirroring defacements. Around 2003 (when Microsoft started paying attention to security) the percentage of reported Apache defacements on zoneh.org rose sharply in contrast the number of IIS defacements, and since then the defacement percentages have largely followed market share lines - with Apache showing a very slight advantage over IIS. Toadlife 08:18, 11 November 2006 (UTC)

Cleanup request: This article is repetitive and unfocused.

The article repeats itself without any particular explanations. The UNIX-like permissions defense of Linux, for instance, is repeated in several locations without explaining what is good about UNIX-like permissions. Worse, in the same article, it is claimed (without rebuttal) that Windows permissions are more "robust" (whatever that means in this context), which makes one wonder why the UNIX-like permissions are a good thing (or whether Windows permissions are really more robust, what that means and why that's a good thing). 131.174.122.17110:44, August 3, 2005

It means exactly what it says. Windows file permissions are more robust than Unix file permissions because they allow finer grained access control and ACLs to be used. Whether or not they are better than Unix file permissions is subjective.
Darrien 07:40, August 5, 2005 (UTC)
Putting aside for the moment that the use of the word "robust" is POV, how can you say one permission system is more or less robust than the other? AlistairMcMillan 07:55, August 5, 2005 (UTC)
"Robust" may not have been the best choice of word, but Webster defines "robust" as "1c: strongly formed or constructed". Unix file permissions are rather weak when compared to ACLs and standard Windows file permissions, but as I said above, whether or not one is better than the other depends on what one is trying to accomplish.
Darrien 08:25, August 5, 2005 (UTC)
We define Robust as "reliability". :) AlistairMcMillan 08:29, August 5, 2005 (UTC)
The Windows versions that I have used do not have any permission system at all, so it has be wrong to say that Windows file permissions are more robust. This idea should be made more accurate, since file permissions are not an inherent feature of "Windows-like" OSs, as it happens with Unices. Also, ACLs don't make a system more robust, they just allow more levels of access; if the system is not well-designed, it could be breakable in an easier way than the (not as flexible) Unix permissions. Anyway, SELinux can be used to achieve a more flexible access contol, AFAIK. rbonvall 23:33, August 5, 2005 (UTC)
Two things. I rewrote that paragraph and removed the word "robust" about 21 hours ago. No need to debate it now, unless you want to re-insert it. When I re-wrote the paragraph I made it explicit that we were talking about Windows NT and above, not Windows Me/98/95. If you'd like to add information about Windows Me/98/95's complete lack of file permissions, feel free. AlistairMcMillan 03:33, August 6, 2005 (UTC)
Ok, I was reading an older revision. rbonvall 15:42, August 10, 2005 (UTC)
NTFS permissions have almost 40x the number of settings as default chmod Linux permissions, this is where statment comes from. Since 9X doesn't support NTFS out of the box, this is an NT-only advantage, since 9x has no file permissions. To see all the windows file permissions on an NT based system, right click a file (If not on XP HOME) go to properties, security, advanced, and hit edit on any of these. Also keep in mind the settings for proprogation of the settings too. This is just NTFS permissions, if you enabled an NTFS driver on your linux system, it would be able to use the same security. It comes down to, where does the OS stop, and add-on software begin? --Ozzy 98 02:27, 7 June 2006 (UTC)

We also read "The perceived difference is likely due to Linux encouraging users to take advantage of its file permissions, whilst Windows network setups tend to encourage users not to run as the computer administrator. " What the heck does any of that mean? Windows network setups encourage users not to run as admin? If this is true, how is that different than Linux? Are Linux network users encouraged to be root? The whole sentence bewilders me. 131.174.122.17110:44, August 3, 2005

That originally read "The percieved difference is likely due to Linux encouraging users to take advantage of its file permissions, whilst Windows tends to encourage users to run as the administrator". It looks like it got changed somewhere down the line.
It refers to the fact that one often needs to run as an administrator to accomplish some day-to-day tasks on Windows, such as installing software or changing settings, whereas on Unix-like systems most of these can be accomplished without superuser priveleges. This has gotten better in Windows XP, but as far as I can remember, you still need access to certain protected registry keys to install software, whereas on Unix-like systems you often need only a compiler.
There's also the fact that some Unix programs will loudly complain or refuse to run at all if they are run as root, whereas no Windows program that I know of does the same.
Darrien 07:40, August 5, 2005 (UTC)
Regarding the Unix programs that complain : KDE ( the most common WM for *nix ) will not allow root logins with out changing a config file. Any some(most?) companies that sell linux preinstalled do not have the default user as root. The problem with Windows programs needing an admin user is mostly due to the Win9x days where programs had full access to the whole sys and programmers who wrote the programs didnt allow for restrictions --2mcm 08:34, 5 August 2005 (UTC)

I think this page should be re-written with an eye to organizing the information for the reader. I apologize that I am unqualified to do so, since I am neither a Linux nor Windows expert. 131.174.122.171 10:44, August 3, 2005

I'd like to know too. What does "Windows network setups tend to encourage users not to run as the computer administrator" actually refer to? I've never had a Windows network setups encourage me to do anything. Maybe they just don't like me.  :( AlistairMcMillan 05:53, August 5, 2005 (UTC)
I think this refers to the most important idea to keep in mind when contributing to this article: There is a big difference in home-user, network-setup, and server functionality. I doubt something like a Lycoris home computer would be as secure as a properly maintained Windows server. It looks like someone modfied the original quote above to reflect Microsoft's official stance on running computers in a corporate network environment. Namely, don't run as the Administrator for day-to-day tasks.
Darrien 07:40, August 5, 2005 (UTC)


Just a thought - what do people think about a re-organization along the following lines:

1. Security
1.1 The pro-Microsoft Windows View
1.2 The pro-Linux view
2. TCO
2.1 The pro-Microsoft Windows View
2.2 The pro-Linux view
3. ...
...
196.41.167.243 09:34, 24 August 2005 (UTC)

"Super-Virus" + other stuff

From the article :

Some people believe that since the Linux source code is freely available, 
somebody with enough time and experience may be able to engineer a 
"super-virus" to affect the kernel.

Wouldnt "worm" be the correct term for this ? Viruses spread by people opening files named "Hilary Duff.jpg.vbs" while worms exploit programms ( normally buffer overflows ). --2mcm 23:38, 5 August 2005 (UTC)

personally i dont think that the supervirus theory stands, because if someone really managed to develop such a virus/worm, he will then have put this kernel-patch into the vanilla CVS (highly impossible unless this person is one of the few kernel developers), which by the way is maintained by the worlds best programmers. and lets say that the worm passes through the examination of the developers, but once a user realizes the existance of the worm, a bug will be filed through linux's extensive bug-reporting system and the patch will be fixed/removed in no time. So the so called supervirus could theoritically be developed, but to have any practical effects would be impossible. ---Dritan.
I know the theory does not stand. A Super Viruses exist for all OS's. Never been publicly released but they exist.
A true Super Virus is a completely hidden virus. You don't need the source code of a OS to make a Super Virus. Its like Ring Level 0 debuggers that the no current OS's can detect is even there. Yes even Vista. This is Super Virus tech. Its not OS partical. It hits everything. Complete undetectable to OS and can be impossiable to remove from a system without hardware tools.
Be thankful that no one has been insane enough to release a Super Virus.
Even so since Ring Level 0 debuggers work hacker can look at the raw asm of the OS anyhow and search for flaws. Might not be as fast as normal source code but just as effective.
Now the bad bit Microsoft OS's have been documented as having a weakness embed by the request of the CIA. So closed source does not mean that the OS is past tampering. It caused one of the worse OIL Pipeline spills in Russa. So in one way Linux is safer. You are free to use your own personal to inspect and build it.
Note goverments these days demard the source of windows so they can inspect it. The bad bit is that its pointless. Reason they don't have the right to build the source to make sure what they have been given is truely the source of the OS.
---oiaohm

A few other things :

1) Why is it "Microsoft vs. Linux" and not "Windows vs. Linux" ? It would make more sense if it was about Microsoft software and MCSE, etc. But the article is only about Windows and Linux.

Support. I think it would be even better something like "Arguments by supporters of Windows and Linux". A "versus" name sounds not encyclopedic to me. rbonvall 15:52, August 10, 2005 (UTC)
Well the problem I have with "Arguments from .." is that I dont want this article to be or though of as an IRC transcript :
<Microsoft> Linux Sucks !!!
<Slackware> No, our OS is greater that yours !!
<FreeBSD> all j00 are n00bs BSD is the 0n1y r34l Un1x !!!11
--2mcm 04:50, 11 August 2005 (UTC)
Support. But not "arguments by supporters etc". Won't it be easier for editors to include the phrase "Windows vs. Linux" in an article without it being aliased, rather than the phrase "arguments by supports etc"? AlistairMcMillan 20:37, August 10, 2005 (UTC)
Well i did it. --2mcm 23:58, 21 August 2005 (UTC)

2) Could we have a table of the archs that each OS supports, market share as reported by xyz corp for July 2005, etc ? This would have to be done very carefully to have a NPOV. Maybe a bit like this ? --2mcm 23:41, 6 August 2005 (UTC)

No two distributions being exactly the same

This edit by 12.219.74.52...

There being no viruses can also be attributed to there being many different kinds of Linux, with no two distrubtions being exactly the same, and also no real standard for executables.

2mcm has already corrected the bit about there being no real standard for executables, but is it true that differences between distributions make virus writing difficult? I can't think of any sources that prove it either way. But they all use basically the same kernel, maybe a module or two different here or there, but basically the same. They all, IIRC, include glibc, gcc and Perl, etc etc. Can someone through some insight here. AlistairMcMillan 23:23, 20 August 2005 (UTC)

If the virus is expoiting a hole in the software then minor compile differnces ( such as -O3 rather than -O2 ) would break the binary complatibility that a machine code exploit would require. What stop viruses dead in their tracks is that files by default have the execute bit turned off and KDE wont run a program ( atleast on Slackware 10.0 ) , even with the exec bit, just by double clicking. I will update the page to reflect this. --2mcm 01:46, 21 August 2005 (UTC)
If various Linux distros are all going to be able to run the vast majority of applications written for Linux, then the vast majority of viruses and worms are likely to run on the vast majority of distros, so this isn't really a particularly solid claim. There are other elements within Linux that make it harder to write viruses/worms compared to Windows, this isn't one of them. Sfnhltb 12:52, 8 March 2006 (UTC)

I removed this ..

To counter this, all users, including system administrators will have diminished permitions. Microsoft enforces this in a way similar to UNIX like system for normal level users, and by warning acknowledgment popups and virtual folders for all user classes. ( emphasis mine )

--2mcm 21:19, 24 August 2005 (UTC)

This is not really crystal ball stuff since it is present, though turned off, in the recently released beta. [3] If you're familiar with OS X and the dialog that asks you for a password whenever you do anything risky, they've basically just copied that. A search on Google for "User Account Protection" of "Least Privileged User" will get more on the subject. AlistairMcMillan 22:10, 24 August 2005 (UTC)
Hmm it seems like both things in the paragraph are about things that Vista may introduce. Cant see really were it fits in nor were solid enough sources can be found to confirm this. --2mcm 22:35, 24 August 2005 (UTC)
Thanks User:AlistairMcMillan for going to the trouble of understanding then clarifying the paragraph! --2mcm 07:05, 8 September 2005 (UTC)

Argument appears to be one-sided

Its quite obvious that the author of this page is a Linux proponent, and a fanatic at that. Now, if someone can answer me as to if those Apache claims are true...

—Preceding unsigned comment added by 68.251.77.19 (talk • contribs) 26 Sept 2005

Firstly this page was not written by a single author but by many some of which prefer either Linux or Windows. I didnt see your question about Apache but netcrafts survey confirms it : http://news.netcraft.com/archives/web_server_survey.html . Even microsoft's web surveys ( flawed because they only check those who use their products ) doesnt place Apache below 25%. --2mcmGespräch 02:31, 2 October 2005 (UTC)

Actually, the Windows section runs with all its claims and alleged info virtually uninterupped by conflicting arguments. In the Linux section many of the claims/alleged info are immediately followed by Microsofts claim. It actually seemed to be favoring Windows to me. --gimfred

this could be improved

  • historical side and popular belief(their impact,and the reality)(social factors)
  • see microsoft as another sytem such as any other os(not as the devil but you can talk about microsoft policies as a limitation or a problem of the os and may talk about others microsoft limit in the historical side and popular belief in order to understand microsoft implementation in the market of the os and the contreversy and court decision against it)
  • you talk only about linux...
    • talk more about unix
    • talk more about open-source
  • you talk about microsoft vs linux...but why there is:
    • sfu,cygwin,colinux,uwin

->microsoft will implement a unix subsystem by default on the microsoft os starting with windows server 2003 sp2 [4]

    • wine and react-os

in the past i had made another plan for this article but it has been removed of course it was not perfect...this is a wiki...and it was needing some serious improvement

Pro-windows source

i am currently aware of only one organization that advocates the pro-windows view. can anyone list some other sources? if not, it should be explicated that this is primarily microsoft's pov, since it is doubtful whether it has any other ostensible supporters.

Over 90% of PCs run on Windows, so Microsoft is obviously not the only group that advocates the pro-Windows view. Gartner reports frequently conclude that Windows has a lower TCO, for example. Paul Thurrott is a Windows supporter, and ZD columnist David Coursey can usually be counted on to support Microsoft. These are just a few examples of people and groups who advocate Windows. Rhobite 02:34, 13 January 2006 (UTC)
what about the sillier arguments like "[windows] does not force the user to rely on the goodwill of strangers"?
If you're asking for specific references, I agree, we need more of those. Neither section provides refs for specific statements such as the one you point out. However, I know that I've heard arguments like that one from MS and MS supporters. Rhobite 03:15, 13 January 2006 (UTC)

Windows/Linux/OSX user share?

Sorry to put this here, I am looking for a Windows/Linux/OSX and other Operating system's pie chart, is there anything like that in Wikipedia??? thank you"

Closest I've seen is a sales chart of Unix, Windows, and Linux sales for servers. This includes hardware, and I didn't really look too close at the chart. Unix and Windows both were at 4 Billion in sales, while Linux just topped 1 Billion. Remember, in the working world, Unix is still in use much more often then Linux. And some areas, like most of the eastern US, you'll never see a production Linux box. --Ozzy 98 17:12, 7 June 2006 (UTC)

Distributions

The article doesn't clearly explain the difference between GNU, Linux and Linux distribution. That's rather essential for understanding what 'pro-Linux' means.

There are also some incorrect statements:

  • AFAIK, the Windows NT product line (which XP belongs to) is not based on DOS.
  • Certain Linux distributions do support ACLs (see SELinux or [5])

--Erik 17:45, 7 February 2006 (UTC)

NT line could be said to be based partly on dos, but that's like saying the cartoon Gargoyles was based on Shakespeare. But there is very very little dos code left in it. Must less then 98\ME lines that even use Autoexec.bat files. As for the ACL's in Linux, Unix style permissions are ACLs, so all Linux supports it. --Ozzy 98 17:18, 7 June 2006 (UTC)
Unix-style permissions can be mapped to a subset of what can be done with ACLs, in that permissions of XXXYYYZZZ could be mapped to an ACL such as {owner, XXX},{group, YYY},{otherwise,ZZZ}. However, there's no way to turn an ACL such as {user1, XXX},{user2, YYY},{user3, ZZZ},{user4,WWW} to a set of Unix-style permissions. Guy Harris 20:18, 24 June 2006 (UTC)
No. You're missing the point. Linux can do both traditional UNIX permissions AND ACLs. From "man acl" on gentoo: "This manual page describes POSIX Access Control Lists, which are used to define more fine‐grained discretionary access rights for files and directories." More information is available by googling for "linux acl", but a few quick links of interest are: http://www.suse.de/~agruen/acl/linux-acls/online http://acl.bestbits.at/. According rumblings on #gnome-hackers, ACL GUI support has been merged into GNOME, either for 2.14 or 2.15, and KDE has had it since KDE 3.5 (info from http://blogs.sun.com/roller/page/alvaro?entry=nautilus_acl_support). Additionally, this isn't very distribution-dependent. All that is distribution dependent is how ingrained the ACL support is.