[ros-dev] dealing with insecure-by-inattention Windows software
post.center at gmail.com
Fri Dec 16 20:57:46 CET 2005
Well, I thought of doing it this way:
If an application requests something an ordinary user isn't allowed to
do without a system maintenance password, it pauses the thread which
asked and pops up a window asking for the system maintenance password
(either the user-specific one, if he has one, or the systemwide password).
If the user enters a correct password, the system unpauses the thread
and gives him what it asked for; if not, the user will be asked again
some times (with the ability to abort), and after some tries, or if the
user aborted, it unpauses the thread and rejects the requested action.
So there shouldn't be that many compatibility issues, as the
applications don't know the action they requested is checked.
The only problem is, like you mentioned, if an application doesn't know
how to handle these rejected requests.
Maybe we can create a compatibility tool for it, so that we can start
applications with system maintenance rights.
But something about burning: Why do we have to handle this like MS does?
We can enable burning for ordinary users by default, so this problem
Michael B. Trausch wrote:
> On Fri, 2005-12-16 at 18:27 +0100, David Hinz wrote:
>> Maybe we should do it the unix/linux way, there is a root user, called
>> administrator, he is allowed to do everything, but by default you
>> shouldn't be able to login as administrator (the way it is on ubuntu and
>> some other linux-distributions).
> Windows Vista starts to put in a framework for something like this,
> whereby if the user doesn't have admin privilege on the workstation,
> they receive "virtualized" copies of the system folders. It is sort of
> like the BSD chroot jail, but you can't alter system-wide attributes.
> Also, "Administrator" is the only account that can do a lot of things.
> Even other designated computer administrators cannot do some of the
> things that the Administrator can do, such as burn CDs, without help
> from another set of privileges. In using the system, it's Windows, for
> sure, but it doesn't work the way you would expect Windows to work, and
> it breaks a good bit of software.
> Now, mind, Windows Vista isn't released yet, so they're going to be
> working on addressing some of those issues (so they claim), but it's a
> pain in the behind. I couldn't figure out, for example, how to grant
> special privileges to the other computer administrators, such as the
> ability to use some of the control panels (Device Manager within System,
> being one of them). You could view the list as another computer admin,
> but you couldn't install drivers or any of the like without logging into
> the administrator account. I found that pretty annoying, since I could
> not find a way to grant that ability to another computer administrator.
> Be careful, many applications make assumptions about how the security
> mechanisms work, and if they do not work in the way that is expected,
> they unexpectedly bail. That is also kind of annoying. Only a small
> handful of applications can detect that scenario and warn the user (such
> as Nero).
> Just a heads up. :)