> Do you also read OpenSSH and Bash source code looking for security exploits?
I don't personally, no. But I'm confident that there are experts doing so, and that when they find an issue, it is publicized and fixed quickly, because it's considered an extraordinary and urgent event, and allowing it to continue unfixed would be unacceptable. When MS shipped virus-infected CD-ROMs, nobody thought it was unacceptable, or even abnormal.
However, if you're confident enough in Windows' security features to run without anti-virus software, that's fine. My sense is that the vast majority of Windows users are not. But the vast majority of Linux users are.
> Quantity != Software X that user won't do without.
You're going to have to give specific examples, because I just don't see this as a significant issue that users who don't want to hose their systems have to deal with on Linux. I've never come across any software I needed as an ordinary user that I couldn't find in my Linux distro's package manager. (As a programmer, I have, but that's a different case.)
> I can install whatever software I want under $HOME
Which comes under the heading of users who want to hose their systems. If you don't want to hose your system, just don't do that.
(As an aside, I think you can actually lock down executable permissions in $HOME with SELinux. But I haven't tried it myself.)
I don't personally, no. But I'm confident that there are experts doing so, and that when they find an issue, it is publicized and fixed quickly, because it's considered an extraordinary and urgent event, and allowing it to continue unfixed would be unacceptable. When MS shipped virus-infected CD-ROMs, nobody thought it was unacceptable, or even abnormal.
However, if you're confident enough in Windows' security features to run without anti-virus software, that's fine. My sense is that the vast majority of Windows users are not. But the vast majority of Linux users are.
> Quantity != Software X that user won't do without.
You're going to have to give specific examples, because I just don't see this as a significant issue that users who don't want to hose their systems have to deal with on Linux. I've never come across any software I needed as an ordinary user that I couldn't find in my Linux distro's package manager. (As a programmer, I have, but that's a different case.)
> I can install whatever software I want under $HOME
Which comes under the heading of users who want to hose their systems. If you don't want to hose your system, just don't do that.
(As an aside, I think you can actually lock down executable permissions in $HOME with SELinux. But I haven't tried it myself.)