| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 72738 | 2006-09-24 06:39:00 | Logging on as limited user: Latest magazine | JaceKiwi (2561) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 487022 | 2006-09-24 06:39:00 | You state that you should noramally log on as a limited user and only use an administrator account when doing thinks like installing programs. Even a Microsoft game can not be installed this way. I think it was Age of Empires. When installed under administrator the limited user could not play the game. I had to change the user to administrator rights and then install the game and make suer it worked. Once this was done then I changed the user back to limited user. | JaceKiwi (2561) | ||
| 487023 | 2006-09-24 10:06:00 | Logging on as an administrator all the time is, security wise, utterly foolish. Many security faults in common applications such as Internet Explorer may allow an attacker to run code as the current user. A limited user cannot damage the main system. You should do this only on systems where security compromises are not a concern (i.e. where no essential information is present and not backed up at an interval you can tolerate the loss of and where no confidential information is present in any form). The problem is that Microsoft have set defaults which encourage bad design in many programs, most notably games. This is all a symptom of Windows' origins as a single user OS. Even Microsoft games copy these awful security practices. Many games require the ability to write to folders that should by all rights be restricted. People are going to get a bit of a shock when Vista pushes better security on them. Perhaps then people will finally click that for a game to require full access to your entire system is just plain stupid. There's a reason why Windows is the #1 preferred platform for malware authors. |
TGoddard (7263) | ||
| 487024 | 2006-09-24 13:22:00 | In terms of day-to-day use on my linux box (main desktop), there's nothing that I need to do that requires me to be root (administrator). Installing certain games _does_ however me to switch to root temporarily, but everything always works fine as a regular user who is only allowed to write to his home folder (Think "Documents & Settings\Username") TGoddard put it incredibly well, and its been a long time coming. The sooner the regular user is "limited" in what damage can be done, the better! |
Chilling_Silence (9) | ||
| 487025 | 2006-09-24 21:34:00 | You could always put a "Program Files" folder in "My Documents" or your desktop. Mind you, it still won't work, as it needs to access the registry. | pcuser42 (130) | ||
| 487026 | 2006-09-24 23:06:00 | Mind you, it still won't work, as it needs to access the registry. Adjust the rights that group "user" has to the registry, but I think that is defeating the purpose of security. TGoddard made some very good points |
beama (111) | ||
| 487027 | 2006-09-25 10:53:00 | TGoddard and chill have it exactly. the one thing i love about linux is it has the root password protected and need to login to do changes. XP should have had that, finally vista might have it. i do say 'might have' as i heard a good comment that MS version of it is so poor that you need to login as admin to do basic things that a limited user should be able to do. hence they will proberly be apps/workarounds so it all can run in single user mode :( also the worse thing is the linux distros that are becomeing MS user friendly by useing single user mode (no root login) :( |
tweak'e (69) | ||
| 487028 | 2006-09-25 13:15:00 | Yeah, it sucks to see many distros going *backwards* IMO with that respect. There's a reason it was built like that in the first place, and the likes of SELinux push that idea of 'least privelage possible' one step further where not even root user is all-powerful anymore! |
Chilling_Silence (9) | ||
| 1 | |||||