funsec mailing list archives

Re: Administrator Accounts


From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Thu, 23 Feb 2006 14:09:13 +1300

Vicky Røde wrote:

> According to uac's own blog (http://blogs.msdn.com/uac/), users will run
> as a standard user even administrators. vista will be implementing
> something similar to sudo to which i say, about time.

So the security model of Vista is designed to deliberately (and 
irreversibly??) break all those "mission critical" apps written way 
back before any cared that much about security (because they hadn't 
heard about that "Internet thing" yet) and all those more recent apps 
written by a pack of gibbons that (read my recent post in this thread 
for the rest...)??

Wow -- that will ensure no-one runs it...

If MS thinks the reason most folk who run NT-ish OSes with local admin 
is because of stupidity, lack of clue about security infrastructure 
improvements since NT 3.x, etc, then methinks they haven't done their 
homework very well...

Mind you, MS is the company whose own, "NT compatible" (or whatever it 
was back then) tested, certified and logo-ed (by MS' own certification 
labs, of course) office suite could not be fully utilized on a modestly 
well-locked-down NT system because parts of it insisted on writing 
random-named temporary files into the program's install directory tree 
(ever heard of %temp% guys?) and -- get this -- into sysdir, so I guess 
it might not be entirely unlikely for them to still be that far out of 
touch...


Regards,

Nick FitzGerald


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

