  Re: I am convinced...  
From: Patrick Elliott
Date: 20 Dec 2010 21:53:09
Message: <4d101695$1@news.povray.org>
On 12/20/2010 11:41 AM, Warp wrote:
> Darren New<dne### [at] sanrrcom>  wrote:
>> Traditional file system interfaces probably do too. For example, if you
>> wanted something like a virus scanner that was watching your executables, I
>> suspect that "scan the file when it gets passed to exec()" is probably a
>> much more common implementation than "scan each block between the time it is
>> paged in and the time the code branches to it", for example.  (Indeed, I
>> don't know how you'd even do that latter on Linux or Windows or whatever.)
>
>    On the subject of virus scanners in particular, I'd say that the very
> need to have such scanners is a symptom of fundamentally bad OS design.
> Of course this isn't an original idea of mine, as such an idea has been
> expressed numerous times by people more knowledgeable than me (and probably
> even linked to in this very newsgroup in the past).
>
>    The unix philosophy of OS design has always been a step or two closer
> to the safer design (with respect to computer viruses and other malware)
> than the typical DOS/Windows (and other similar OS's in the past) design.
> The reason for this is that unixes have always been designed to be
> multi-user operating systems while DOS/Windows has been designed to be
> a single-user OS with no regard to security. The very need to handle
> multiple users automatically brings forth the need for security: You should
> not be able to access other users' data without permission, and especially
> you shouldn't be able to access the superusers' data without permission.
> This causes security to be built into the system from the ground up.
>
>    The DOS/Windows design always took basically the exact opposite approach:
> Whatever the user wants to run or do, the OS allows. It's not the system's
> task to stop the user doing what he wants. Unfortunately it took over 20
> years for Microsoft to rid itself of this mentality (for some reason MS
> has always been very slow to adopt certain ideas). NT had security, but
> it wasn't even intended for normal users. It wasn't until XP that some
> *semblance* of security was introduced (yet, nevertheless, the mentality
> of the regular user being by default the superuser was still there, and
> probably 99% of XP users out there still use their machine with superuser
> privileges). This made the spreading of viruses and malware *trivial*.
>
>    Not that the unix design is perfect, but at least viruses, worms and
> other malware have always been, and still are, extremely rare in unix
> systems in comparison (basically the only relatively successful worms
> in the unix world have exploited bugs in the systems to spread themselves,
> rather than relying on the users; fix the bug, and the worm stops; however,
> in the single-user OS's it requires a very significantly more radical
> change in design than just fixing a few bugs).
>
Seems to me, the best design would be an additional layer. An 
application runs "sandboxed", until a scanner can verify it's not 
dangerous, and only then does it get "current user" rights, never mind 
admin. That way, it can only clobber itself, or the data it creates 
itself, or copies of the data you opened with it. Nothing changes in the 
"original", of say, a JPG, until you, or your scanner, are sure that the 
program is what it says, and even any changes you make only appear in 
*its* copy, until verification happens, and the original is updated with 
the changes.

Or, something like that. Not unlike the idea I had with using EyeOS as a 
host for fake terminals, where you could hack them, but you would be 
hacking into the copy of the system, so the normal user of it could log 
in, see the hack and then, on their option, restore the whole thing in a 
single action, back to the unchanged state. Any changes/additions they 
made would still go to *their* copy, unless the changes were to a 
hacked file, in which case you could have the option to keep the changes 
you made, or throw them out (i.e., restore from a backup).

-- 
void main () {

     if version = "Vista" {
       call slow_by_half();
       call DRM_everything();
     }
     call functional_code();
   }
   else
     call crash_windows();
}

<A HREF='http://www.daz3d.com/index.php?refid=16130551'>Get 3D Models, 
3D Content, and 3D Software at DAZ3D!</A>
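
The staging scheme described in the post above (an unverified program's writes land in its own copy and reach the original only after verification, otherwise they are thrown away), as an added example that is not part of the original message. The class name `StagedSandbox`, the flat-file layout and the SHA-256 allowlist standing in for the "scanner" are all assumptions made for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

class StagedSandbox:
    """Hypothetical overlay: an unverified program's writes go to a private
    copy; originals change only when commit() passes the verifier."""

    def __init__(self, originals, overlay):
        self.originals, self.overlay = Path(originals), Path(overlay)
        self.overlay.mkdir(parents=True, exist_ok=True)

    def _check(self, name):
        # Flat names only, so a staged path can never point outside the overlay.
        if Path(name).name != name or name in ("", ".."):
            raise ValueError(f"flat file names only: {name!r}")
        return name

    def read(self, name):
        # The program sees its own staged copy first, else the untouched original.
        staged = self.overlay / self._check(name)
        return (staged if staged.exists() else self.originals / name).read_bytes()

    def write(self, name, data):
        (self.overlay / self._check(name)).write_bytes(data)

    def discard(self):
        # "Restore in a single action": drop every staged change.
        for staged in self.overlay.iterdir():
            staged.unlink()

    def commit(self, program, verifier):
        if not verifier(program):
            return False  # staged data stays quarantined in the overlay
        for staged in self.overlay.iterdir():
            staged.replace(self.originals / staged.name)
        return True

def demo():
    # Constructed sample "programs"; the verifier is an assumed hash allowlist.
    good, bad = b"constructed trusted editor", b"constructed unknown binary"
    verifier = lambda p: hashlib.sha256(p).digest() == hashlib.sha256(good).digest()
    with tempfile.TemporaryDirectory() as tmp:
        original = Path(tmp, "orig", "photo.jpg")
        original.parent.mkdir()
        original.write_bytes(b"ORIGINAL")
        box = StagedSandbox(original.parent, Path(tmp, "overlay"))
        box.write("photo.jpg", b"TAMPERED")
        seen, refused = box.read("photo.jpg"), box.commit(bad, verifier)
        untouched = original.read_bytes()
        box.discard()
        box.write("photo.jpg", b"EDITED")
        accepted = box.commit(good, verifier)
        return seen, refused, untouched, accepted, original.read_bytes()
```

`demo()` returns what the sandboxed program saw, the refused commit, the original's content after the refusal, the accepted commit and the original's final content.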

