As you start to understand how SUSE Linux works, you'll become more and more aware of common-sense methods that will protect your system. However, I'll outline a couple of these now to get you started:
Be very wary if you're asked to enter your root password. You'll be asked to do so when following many of the configuration steps within this book, for example, and this is acceptable and safe. But if you're asked to do so out of the blue, then you should be suspicious. If the root password prompt dialog box appears when you run a file that shouldn't really need root permissions, such as an MP3 or OpenOffice.org file, you should treat the situation with caution.
Be careful in choosing programs to download and install. Because Linux works on the basis of open-source code, anyone can theoretically tamper with a program, and then offer it for download by the unwary. This very rarely happens in real life. Even so, it's wise to avoid downloading programs from unofficial sources, such as web sites you find online via a Google search and whose authenticity you cannot vouch for. Instead, get software from the web site of the people who made it in the first place or from SUSE's own web site.
Tip SUSE Linux uses the RPM format for program installation, and these files can be "signed" with a secure digital code that can be applied only by SUSE itself or one of its trusted partners. This allows you to check if an installation file you download is secure. I'll explain how this works in Chapter 29, which covers program installation.
Always ensure your system software is completely up-to-date. As with Windows, many SUSE Linux programs have bugs that lead to security holes. Crackers target such vulnerabilities. Downloading the latest versions of SUSE Linux software ensures that you not only get the latest features, but also that any critical security holes are patched. As with most versions of Linux, updating SUSE Linux is easy and, of course, it's also free of charge. You'll learn how to get online updates in the next section.
Limit who has physical access to your PC. Any SUSE Linux system can be compromised by a simple floppy boot disk, such as the rescue disk you created when you installed SUSE Linux. Booting a PC using such a disk gives anyone with sufficient know-how complete root access to your system's files, with no limitations. This is for obvious reasons; the idea of a boot disk is to let you fix your PC should something go wrong, and you cannot do this if you're blocked from accessing certain files. When Linux is used on servers that hold confidential data, it's not uncommon for the floppy and CD-ROM drives to be removed, thus avoiding booting via a boot disk. Such computers are also usually locked away in a room or even in a cupboard, denying physical access to the machine.
