--- In LINUX_Newbies@yahoogroups.com, "Rob" <sun408b@...> wrote:
>
>
> Are you saying the problem is the old programs have too much acess to system files ?
yes, among other things.
Windows' Registry is also an enormously and unnecessarily complex pile of cow dung that contributes to the entire problem...it's too involved for normal users to easily find and fix problems. It's also far too fragile--your system can be easily hosed for some of the most trivial-appearing causes when the registry is involved.
That Win 7 requires an XP compatibility mode is a good thing--that would be even better if users would simply upgrade their programs to fully Win7 compatible versions.
> Is that why all those OS have problems with malware do to backwards compatible programs and the multi user system in Window vista and windows 7 is okay but no where has good has Unix ,Linux and Mac .And the multi user system in windows NT ,2000 and XP is really really really bad.
Windows was originally designed without multi-user capability in mind. The first ability to do multi-user was actually from another company, Citrix, which was founded by some ex-IBM folks who were among those who worked on OS/2. Each version of Windows has actually improved in these areas, but they had a very long way to go and they are hamstrung by legacy subsystems that are inherently not very secure.
It's popular to claim that Linux would be in trouble if it were more popular, that the reason Windows is so often compromised is because with its commanding market share it is such a huge target.
This is only partly true. The fact is that the basic design of UNIX and UNIX-like systems such as Linux is different--designed from the ground up as multi-user, multi-tasking operating systems. In most cases, someone who actually gains access to a Linux system is still extremely limited on what he can do there unless he has the password necessary to elevate the ability to compromise the underling system.
>
> >XP was no less secure than Windows 2000
> >or NT; quite the opposite, in fact. However, over all those years many exploits
> >were developed.
>
> What do you mean.
What part did you not understand?
>
>
>
>
>
> > > 4.windows NT /windows 2000/ windows XP make use of a account user of levels
> of permission for user by the admid
I am not sure why this continuing use of "admid" seems so confusing, but it would be helpful if the term "admin" were used--after all, its simply a shortened form of "administrator." I have no earthly idea what an "admid" might be.
> > >
> > I'm not sure what you mean. They do allow for granular permissions,
> > and, on the Active Directory level at least, sometimes more easily and
> > more efficiently than Linux/Unix, which will require some googling and
> > studying to get the equivalent of some point and click stuff.
First, Active Directory is not used on the vast majority of Windows systems. Second, it is far more difficult than the UNIX model--but may seem easier because of familiarity.
>
>
>
> Is that not what Unix ,Linux and Mac do has no one runs has root user? Has it is too dangerous for a user ,program or any thing to run has a root user.
Too many uses of "has" for me to make heads or tails of this question. Sorry. I think you are asking if this is why normal operations in a UNIX system are done by a normal user account rather than as root--and that is exactly why. People who web surf using a root login are simply foolish, to give but one example.
For many operations in Windows, by contrast, the programs themselves can escalate the permission level to system--which is the base, machine-level with which much mischief can be done often without the knowledge even of a system administrator.
Note that the Ubuntu way is quite interesting--you don't normally log in as a root user; each time you must do things that require root privileges, instead, you enter the root password. That way, newer users are substantially protected from themselves--they aren't tempted to log in as root for everyday operations. I regard that as a distinct improvement over the historical UNIX model for a distribution aimed at all levels of user background and experience.
>
> With Unix ,Linux and Mac the user cannot modify, install, or remove
> anything with out password is that not best way to stop malware?
yes, it's part of the answer certainly.
David
No comments:
Post a Comment