[thelist] [OT] MS vs *nix WAS:( New Critical Security Patch forWindows)

Shawn K. Quinn skquinn at xevious.kicks-ass.net
Fri Feb 13 02:56:22 CST 2004


On Thursday 2004 February 12 19:11, Ken Schaefer wrote:
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> From: "Shawn K. Quinn" <skquinn at xevious.kicks-ass.net>
> Subject: Re: [thelist] [OT] MS vs *nix WAS:( New Critical Security
> Patch forWindows)
>
> : It's not just popularity. The Windows security model, even in
> : Windows 2000, has fundamental flaws that need to be addressed.
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> Interesting - and what are these "fundamental" security flaws?

One that sticks out in my mind is this:

On Unix, a user has to run 'su' or 'sudo' to actually run commands as 
root (administrator). On the *BSD systems, that user has to also be in 
the wheel group (Richard Stallman has a reason for not implementing the 
wheel group in GNU su). It's considered poor practice to directly log 
in as root except when absolutely necessary.

On Windows 2000, once a user logs in and is in the administrator group, 
it is as if they logged in as administrator all the time. That user 
cannot drop administrator privileges when they aren't needed and is not 
prompted for additional confirmation for actions that require 
administrator privileges.

-- 
Shawn K. Quinn
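
The wheel rule described in the message above, as an added example that is not part of the original post: a shell audit that lists which accounts pass a BSD-style wheel check and which accounts carry UID 0. The sample passwd and group text is constructed, the function names are hypothetical, and counting a primary GID equal to wheel's GID as membership is an assumption of this example.

```shell
#!/bin/sh
# Constructed sample data in passwd(5)/group(5) layout, not from a real system.
SAMPLE_PASSWD='root:*:0:0:Superuser:/root:/bin/csh
alice:*:1001:1001:Alice:/home/alice:/bin/sh
bob:*:1002:1002:Bob:/home/bob:/bin/sh
toor:*:0:0:Second superuser:/root:
carol:*:1003:0:Carol:/home/carol:/bin/sh'
SAMPLE_GROUP='wheel:*:0:root,alice
operator:*:5:root
staff:*:20:bob'

# wheel_members PASSWD_TEXT GROUP_TEXT
# Prints, sorted and de-duplicated, every account that is in wheel: listed in
# the group's member field, or (assumption) with wheel's GID as primary group.
wheel_members() {
    {
        printf '%s\n' "$2" | awk -F: '$1 == "wheel" { print "G:" $3 ":" $4 }'
        printf '%s\n' "$1" | sed 's/^/P:/'
    } | awk -F: '
        $1 == "G" {
            gid = $2
            n = split($3, m, ",")
            for (i = 1; i <= n; i++) if (m[i] != "") print m[i]
        }
        $1 == "P" && gid != "" && $5 == gid { print $2 }
    ' | sort -u
}

# uid0_accounts PASSWD_TEXT
# Prints every account with UID 0; each one is root under another name.
uid0_accounts() {
    printf '%s\n' "$1" | awk -F: '!/^#/ && $3 == 0 { print $1 }' | sort
}

# may_su_to_root USER PASSWD_TEXT GROUP_TEXT
# Exit status 0 only if USER passes the wheel check above.
may_su_to_root() {
    wheel_members "$2" "$3" | grep -qxF -- "$1"
}

echo "wheel members:";   wheel_members "$SAMPLE_PASSWD" "$SAMPLE_GROUP"
echo "UID 0 accounts:";  uid0_accounts "$SAMPLE_PASSWD"
```

On a live system the same functions can be fed `"$(cat /etc/passwd)"` and `"$(cat /etc/group)"`; an account such as carol, who is in wheel only through her primary GID, is the kind of entry a review of the group file alone would miss.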

