[thelist] [OT] MS vs *nix WAS:( New Critical Security Patch forWindows)
Shawn K. Quinn
skquinn at xevious.kicks-ass.net
Fri Feb 13 02:56:22 CST 2004
On Thursday 2004 February 12 19:11, Ken Schaefer wrote:
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> From: "Shawn K. Quinn" <skquinn at xevious.kicks-ass.net>
> Subject: Re: [thelist] [OT] MS vs *nix WAS:( New Critical Security
> Patch forWindows)
>
> : It's not just popularity. The Windows security model, even in
> : Windows 2000, has fundamental flaws that need to be addressed.
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> Interesting - and what are these "fundamental" security flaws?

One that sticks out in my mind is this:

On Unix, a user has to run 'su' or 'sudo' to actually run commands as
root (administrator). On the *BSD systems, that user has to also be in
the wheel group (Richard Stallman has a reason for not implementing the
wheel group in GNU su). It's considered poor practice to directly log
in as root except when absolutely necessary.

On Windows 2000, once a user logs in and is in the administrator group,
it is as if they logged in as administrator all the time. That user
cannot drop administrator privileges when they aren't needed and is not
prompted for additional confirmation for actions that require
administrator privileges.

--
Shawn K. Quinn