[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[no subject]
It's a matter of the design of the system. If you can't get root, from
being a user, then you can't attack as easily, by a LONG SHOT.
Things are MUCH harder to attack that way. Period. I didn't say that
it's impossible; you're making that assumption. I need not tell you
what assuming does.
>
>>It's not
>>data that people are after, it's the machine itself. Be it for
>>processing power, storage, whatever, in the world of the personal user,
>>it's not the data that matters.
>
> That's not necessarily universal either. It depends on the data and the
> computer itself. A computer on a dial-up modem is more value for it's
> data. A laptop in suspend mode is more valuable for it's hardware. ;-)
>
Users who attack things nowadays, are looking for zombie machines. They
don't want the data on the machines for the most part; they typically go
after corporate networks if that's what they want. Again, you're going
further then what I'm saying and making it into a blanket. Sounds to me
like you're fishing for something else to pull out of what you're making
your assumptions from.
>
>>In the world of corporations, it's data that they want, and yet they
>>still get to it, many times, because of something they knew that the SA
>>didn't.
>>
>>XP machines should have users, but again, the current releases of
>>Windows are broken enough that you can do *NOTHING* as a user, not even
>>install a program in your own home directory in your profile, as you can
>>in the UNIX world, provided that you get a static binary or a C
>>compiler, and your /home partition is not noexec.
>
>
> Show me a CompUSA, BestBuy, etc user that can understand that, yet alone
> do it. --- 1001 points now. ;-)
>
There are ways to make the system do it for them, without giving them
root privilege, and if they want to work their way to an "advanced"
user, they can figure the rest out on their own.
>
>>I've heard that Microsoft is claiming to follow a more Unix-like
>>permissions strategy, however, I've not verified the authenticity of
>>that information myself yet, so I consider it to be a rumor. However, I
>>think it could be useful.
>
>
> Currently XP and Win2K have a much more powerful user permissions
> strategy. If anything UNIX could gain from Windows in this area. How
> many users or groups can you give access to your /etc/clearcase
> directory? What if you already have NIS+ groups for devel, users and
> admins and you don't want to re-create another group with all those
> users in it? ;-)
>
Are you ignoring the ACL functionality that is now present in the
kernel? Yes, I do believe you are.
- Mike
--
Michael B. Trausch <fd0man at gmail.com>
Website: <a rel="nofollow" href="http://fd0man.chadeux.net/";>http://fd0man.chadeux.net/</a> Jabber: mtrausch at jabber.com
Phone: +1-(678)-522-7934 FAX (US Only): 1-866-806-4647
===================================================================
Do you have PGP or GPG? Key at pgp.mit.edu, Please Encrypt E-Mail!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 254 bytes
Desc: OpenPGP digital signature
</pre>
<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->
<hr>
<ul><li><strong>Follow-Ups</strong>:
<ul>
<li><strong><a name="00529" href="msg00529.html">[ale] Linux Distributions</a></strong>
<ul><li><em>From:</em> groups at ChangingLINKS.com (ChangingLINKS.com)</li></ul></li>
</ul></li></ul>
<!--X-Follow-Ups-End-->
<!--X-References-->
<ul><li><strong>References</strong>:
<ul>
<li><strong><a name="00313" href="msg00313.html">[ale] Linux Distributions</a></strong>
<ul><li><em>From:</em> meson3902 at gmail.com (Mark Schill)</li></ul></li>
<li><strong><a name="00314" href="msg00314.html">[ale] Linux Distributions</a></strong>
<ul><li><em>From:</em> groups at ChangingLINKS.com (ChangingLINKS.com)</li></ul></li>
<li><strong><a name="00316" href="msg00316.html">[ale] Linux Distributions</a></strong>
<ul><li><em>From:</em> Robert.L.Harris at rdlg.net (Robert L. Harris)</li></ul></li>
<li><strong><a name="00343" href="msg00343.html">[ale] Linux Distributions</a></strong>
<ul><li><em>From:</em> groups at changinglinks.com (ChangingLINKS.com)</li></ul></li>
<li><strong><a name="00346" href="msg00346.html">[ale] Linux Distributions</a></strong>
<ul><li><em>From:</em> james.sumners at gmail.com (James Sumners)</li></ul></li>
<li><strong><a name="00453" href="msg00453.html">[ale] Linux Distributions</a></strong>
<ul><li><em>From:</em> fd0man at gmail.com (Michael B. Trausch)</li></ul></li>
<li><strong><a name="00464" href="msg00464.html">[ale] Linux Distributions</a></strong>
<ul><li><em>From:</em> hbbs at comcast.net (Jeff Hubbs)</li></ul></li>
<li><strong><a name="00477" href="msg00477.html">[ale] Linux Distributions</a></strong>
<ul><li><em>From:</em> esoteric at 3times25.net (Geoffrey)</li></ul></li>
<li><strong><a name="00489" href="msg00489.html">[ale] Linux Distributions</a></strong>
<ul><li><em>From:</em> fd0man at gmail.com (Michael B. Trausch)</li></ul></li>
<li><strong><a name="00495" href="msg00495.html">[ale] Linux Distributions</a></strong>
<ul><li><em>From:</em> jimpop at yahoo.com (Jim Popovitch)</li></ul></li>
</ul></li></ul>
<!--X-References-End-->
<!--X-BotPNI-->
<ul>
<li>Prev by Date:
<strong><a href="msg00521.html">[ale] Linux Distributions</a></strong>
</li>
<li>Next by Date:
<strong><a href="msg00523.html">[ale] Linux Distributions</a></strong>
</li>
<li>Previous by thread:
<strong><a href="msg00557.html">[ale] Linux Distributions</a></strong>
</li>
<li>Next by thread:
<strong><a href="msg00529.html">[ale] Linux Distributions</a></strong>
</li>
<li>Index(es):
<ul>
<li><a href="maillist.html#00522"><strong>Date</strong></a></li>
<li><a href="threads.html#00522"><strong>Thread</strong></a></li>
</ul>
</li>
</ul>
<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->
</body>
</html>