GNU/Linux has networking capability built into the kernel, so it is well-adapted to environments where several computers are connected. In addition, several kinds of security are built in to GNU/Linux.14 Two of these are explained next.
A fundamental difference between GNU/Linux and single-user operating systems like Windows 9x lies in the concepts of ``file permissions'' and ``user privileges''. On a GNU/Linux system, there is a ``superuser'', who conducts system administration (installation and configuration of hardware and software, day-to-day maintenance, system backups), and there are ``ordinary users.'' Each user has an ``account'', which has a ``home directory''. Your home directory is analogous to a locker; only you can access its contents, so different users can use the same machine without their files interfering, and without worry that anyone unauthorized is reading their files. The superuser's account is called root; the actual system administrator also has an ordinary account used for non-system work. Users may belong to one or more ``groups'', though by default each user belongs to exactly one group, with only one member. You access your own account by ``logging in'' (opening your locker), which is accomplished by providing your user name and a secret password of your choice. Your files are protected when you ``log out''.
Users' individual and group status is significant because of file permissions. Each file in a GNU/Linux system has an owner, a group, and a set of permissions that dictate readability (who may read or copy the file), writability (who may edit the file), and executability (who may run the file, if it is a program). From the file's point of view, users are of three types: The file's owner, a member of the file's group, or someone else. Consequently, each file has nine permissions, one for each combination of ``user type'' and ``operation.'' The important thing is that users have flexible control over who may read or modify their files. Users who need to share files (as part of a joint project, for example) would ask the superuser to form a group with them as members; they could then share the files--without allowing anyone else access--by making the files readable and writable by the group. Even more importantly, files that are crucial to the system's operation cannot be modified by ordinary users. Some files, such as the file that stores encrypted system passwords, cannot even be read by ordinary users.
The superuser has absolute power over the system; (s)he has read,
write, and execute permission on all files, regardless of the files'
owner or permissions. (In Windows 9x, every user is
root.) If you are installing GNU/Linux at home, you will be
the superuser at least occasionally, so you must be aware of the power
you have. The superuser can wipe out the system with literally one
typo, such as
cd /; rm -Rf * ~ (which attempts to delete
the entire filesystem from the hard drive, and does not stop until the
system is too damaged to continue running) instead of
cd /; rm -Rf *~ (which deletes certain outdated
files).15 For reasons such as this, it is strongly frowned
upon to use the root account except for system
administration. When logged on as root, the usual advice is to
re-read every command twice, and to sit on your hands before
proceeding. Normally only one person knows the root password; in a
multi-user environment it is crucial to protect it.
System and network security are important and vast subjects. GNU/Linux allows you to control others' access to your computer, and encourages you to learn what the risks and threats to security are. Most home operating systems prevent you from protecting yourself, simply because they have no capability.16Millions of users in the U.S. (15% according to one recent assessment) are estimated to have networked computers with no intrusion protection whatsoever. As an unprotected home user, you expose your computer's data (your email, credit card numbers, medical information, or whatever) to the world merely by dialing into an Internet service provider. If the connection to the Internet is permanent, the risk of intrusion attempts becomes a near certainty.17 GNU/Linux by default prevents casual intruders from accessing the data in your computer, and the default protections can be strengthened substantially to divert even determined malicious attackers.