[ale] Linux Distributions

Jim Popovitch jimpop at yahoo.com
Tue May 17 23:23:50 EDT 2005


On Tue, 2005-05-17 at 22:10 -0400, Michael B. Trausch wrote:
> Geoffrey wrote:
> > 
> > There is no defense when it comes to XP as the first user created is
> > root by default, and there is no indicator that this is the case.  Since
> > the majority of XP machines are one user machines, the majority of them
> > are in fact running as root.
> > 
> 
> Which is precisely the reason that the Windows systems on the Internet
> are the ones that are vunerable and spread vunerabilities.  

That is incorrect.  There is nothing root or Administrator specific that
enables the spreading of vulnerabilities.  Can root priviledges help?
sure.  Are they necessary? no. 

> It's not
> data that people are after, it's the machine itself.  Be it for
> processing power, storage, whatever, in the world of the personal user,
> it's not the data that matters.

That's not necessarily universal either.  It depends on the data and the
computer itself.  A computer on a dial-up modem is more value for it's
data.  A laptop in suspend mode is more valuable for it's hardware. ;-)

> 
> In the world of corporations, it's data that they want, and yet they
> still get to it, many times, because of something they knew that the SA
> didn't.
> 
> XP machines should have users, but again, the current releases of
> Windows are broken enough that you can do *NOTHING* as a user, not even
> install a program in your own home directory in your profile, as you can
> in the UNIX world, provided that you get a static binary or a C
> compiler, and your /home partition is not noexec.

Show me a CompUSA, BestBuy, etc user that can understand that, yet alone
do it.   --- 1001 points now. ;-)

> 
> I've heard that Microsoft is claiming to follow a more Unix-like
> permissions strategy, however, I've not verified the authenticity of
> that information myself yet, so I consider it to be a rumor.  However, I
> think it could be useful.

Currently XP and Win2K have a much more powerful user permissions
strategy.  If anything UNIX could gain from Windows in this area.  How
many users or groups can you give access to your /etc/clearcase
directory?  What if you already have NIS+ groups for devel, users and
admins and you don't want to re-create another group with all those
users in it?  ;-) 

-Jim P.



More information about the Ale mailing list