Why do people switch to Linux 13481

On Mon, 31 Oct 2005 22:21:31 -0500, Bob Hauck

Sure they are, your characterization of the default setting as "go ahead and mess with me" is pure FUD. Take a look at all of the different ACEs and how they apply to the various system objects in a system that is a member of a domain sometime. Afterwords tell me if you still think it's an inviting proposition to start "messing" with them.

Regardless of the how ill advised or not Windows default settings are, I still prefer having the security sub system based on a robust, flexible, construct like ACLs.

The point is, that the OS, and it's security sub-system are *designed* to make use of ACLs. So whether the user chooses to take advantage of them or not, the OS and the security sub system still take advantage of them and use them extensively. Do you think that SELinux uses u-g-o?

Culture and defaults aside, it's unreasonable to ask an OS to protect itself and it's files from a user who has root-admin privileges. I agree with you that MS should *force* a non admin account at install time. However, in regards to the OS itself, the fact that Windows can't adequately protect it self, it's files, or a user, when that user is logged on with Admin rights is *not* indicative of a design flaw. Linux could not do it either under the same circumstances.

Windows users should be chastised just as soundly for routinely logging on with admin privileges. The point is that you can point to the defaults and say it's bad policy by Microsoft, but you can't use that to claim the OS is flawed just because it's unable to adequately protect itself from the actions of a user with root-admin privileges.

It's not in Windows either, that's just a lame excuse, and it's simply not true. I know because I do it day in and day out.

Nothing wrong with the Power User setting, it still lacks the most important Admin right of WriteAccess to the registry.

Most software that requires admin rights beyond installation is poorly designed, plain and simple, there is no reason for it, and such software should be avoided

It's relevant in terms of OS design, if Linux security failed because the user was logged on as root you would blame the user, If Windows security fails because the user is logged on with admin rights you blame the OS.

In terms of OS design why the user is logging on with admin privileges is irrelevant. Defaults and suggested practices are a matter of policy, and the OS has no control over them.

In a college setting this has value, in a business environment less so, for the average home user, not very useful.

Surely you've heard of file and printer sharing under Windows.

Logging on as another user is only slightly more trouble, and if XP isn't a domain member I believe "fast user switching" is just about the same thing.

I know this capability is useful, I just don't think a Windows user is really missing out on anything spectacular.

No, sorry this is wrong, the software *does* work right with the security model. I've run all kinds of programs on an NT-2K-XP and I've never run across anything that didn't either run fine as a PowerUser or functioned properly under RunAs.

Fine, I'd agree with you as long as it's understood that this is a failure of Microsoft policy and practices, and not a failure of OS design.

I think most of the most worst offenders are games, and that's probably a result of their desire to get as close to the graphics hardware as possible. A similar situation exists for the Video IN application for my nVidia graphics card, it won't function without Admin privileges, but it functions just fine with RunAs.

I agree with you that better defaults should be enforced and better practices should be taught and regularly encouraged. But right now today, it *is* possible to use a Windows machine for all the common everyday tasks (and games) without logging on with admin rights.

-- Cheers T.G. Reaper