[CS-FSLUG] Five Linux Security Myths You Can Live Without
Frank Bax
fbax at sympatico.ca
Tue Apr 26 10:18:34 CDT 2005
At 08:56 AM 4/26/05, Bob Brown wrote:
>It is hard to run in a limited account on XP as a standard user.
>This is not necessarily a problem with XP, but in the outside software
>developers who still hang on to legacy practices.
Exactly. The recent post about upcoming Longhorn security suggests
Microsoft will attempt to fix this, although its unclear how. The problem
is that developers do their development while logged in with admin
priveledges, so software does not run properly without those
privileges. It doesn't help that the default install gives initial user
Admin rights. If MS follows through on the proposed changes, I expect
Windows will go through even more growing pains. It'll be worse than
SP2. MS has already stated earlier that no existing software will run on
Longhorn. Both are good changes for Windows (as they catch up to Linux),
but will the user community stick with them if software vendors do not
comply? Will Linux be more appealing, because these issues have already
been addressed?
>On the network at the church everyone runs on limited access except
>for the admins. If anyone needs anything installed then an admin needs
>to log in for it.
At a local non-profit where I provide some support, its worse than
that. The network is part of an NT domain. There was no way we were going
to give normal users Admin rights within the domain, so they are forced to
choose between: (a) normal user rights with network access, and (b) admin
rights to their own machine with no network access. We were forced to
allow (b) because some software will only run in that mode. Apparently
some users switch back and forth several times per day.
More information about the Christiansource
mailing list