Home   Groups   Digests   Personalise   Search   Login
  POV-Ray : Newsgroups : povray.off-topic : I am convinced... : Re: I am convinced... Server Time
3 Sep 2024 13:17:22 EDT (-0400)
  Re: I am convinced...  
From: Darren New
Date: 20 Dec 2010 18:00:04
Message: <4d0fdff4$1@news.povray.org>
 
Warp wrote:
>   They wouldn't if Microsoft hadn't taught them the bad habits.

Probably true. But that is left over from when Windows ran on machines that 
weren't even capable of running UNIX and for which having a multi-user OS 
made no sense.

>   If the very first version of DOS had had a similar account/password
> system as unixes,

... then it wouldn't have run on an 8086, and MS would be broke.

> would not complain because they would take it for granted, as something
> obvious.

It's hard to say. Most of the other systems of the day didn't have it either.

>>>   The DOS/Windows design always took basically the exact opposite approach:
>>> Whatever the user wants to run or do, the OS allows.
> 
>> That's kind of what happens when you don't have virtual memory mapping.
> 
>   The mentality prevailed well after the 80386 became the de-facto standard.

Backwards compatibility is a bitch, indeed.

>> Sure, but Windows hasn't been single-user for 10+ years.
> 
>   Well, how long it took for Microsoft to *finally* get some semblance
> of security into their desktop OS? 

Backwards compatibility is a bitch.

 > (And the major reason why it took them
> so long is not because of technical difficulties, but simply because they
> just didn't bother.)

Sure. Welcome to the commercial market.

But this is kind of off the topic now, methinks. Or at least drifting into 
another discussion.

UNIX isn't safe because it has had multi-user stuff longer. (Safer. Far from 
"safe".) One slip by the superuser can screw things up. Anyone with the root 
password can do anything they want and steal any data they want from anyone 
else on the machine. Tricking the superuser into running your code, or 
mounting a disk you have without turning off setuid on it, or a server with 
a buffer overflow, or anything like that can corrupt the system in ways just 
as hard to figure out.

Contrast with something like Singularity, where you explicitly list every 
program you're going to run, every file they're going to access, there's no 
way to run code that isn't signed, no way to get someone to overrun a buffer 
to run code that wasn't in the executable to start with, and giving each 
program its own set of permissions orthogonally to the users running the 
program. *That* is a significant advance in security of an operating system.

-- 
Darren New, San Diego CA, USA (PST)
   Serving Suggestion:
     "Don't serve this any more. It's awful."


Post a reply to this message

Copyright 2003-2023 Persistence of Vision Raytracer Pty. Ltd.