|
 |
Darren New <dne### [at] san rrcom> wrote:
> > You should
> > not be able to access other users' data without permission, and especially
> > you shouldn't be able to access the superusers' data without permission.
> > This causes security to be built into the system from the ground up.
> But this has been the case with NT forever, and since XP, people haven't
> been running superuser. The problem is that people bitch about the security,
> complain they can't set the clock without typing a password, etc.
They wouldn't if Microsoft hadn't taught them the bad habits.
If the very first version of DOS had had a similar account/password
system as unixes, and this strict mentality had been dragged along (and
improved) in all subsequent versions of DOS and Windows, people today
would not complain because they would take it for granted, as something
obvious.
> > The DOS/Windows design always took basically the exact opposite approach:
> > Whatever the user wants to run or do, the OS allows.
> That's kind of what happens when you don't have virtual memory mapping.
The mentality prevailed well after the 80386 became the de-facto standard.
(And, in fact, even the 80286 supported some type of memory protection.)
> > in the single-user OS's it requires a very significantly more radical
> > change in design than just fixing a few bugs).
> Sure, but Windows hasn't been single-user for 10+ years.
Well, how long it took for Microsoft to *finally* get some semblance
of security into their desktop OS? (And the major reason why it took them
so long is not because of technical difficulties, but simply because they
just didn't bother.)
--
- Warp
Post a reply to this message
|
|
