From: gep2(_at_)terabites(_dot_)com
...
The FACT remains, however, that restricting certain operations to
"root-only" or "sysadmin-only" is really pretty meaningless on typical
user-level Windows desktops, where (especially on home machines) there
IS no root or sysadmin-level qualified/intelligent/wise authority which
is more qualified to approve or deny such requests.

If that made sense, then mail sent to "root" on UNIX boxes would
be a major hazard. If it made sense, then XP would not be
Microsoft-standard vulnerable to viruses and worms.

The problem with Windows boxes is not that they have a single user
account, but that the single user account (on those Microsoft boxes
where there is any notion of "user account" and so not Windows-ME
and preceding) always has all privileges.

A good picture of the problem is in the difference between ActiveX
and Java. Microsoft has asserted quite emphatically that the lack of
a "sandbox" in ActiveX is a feature instead of a bug. That nonsense
cannot be excused as historical baggage, because ActiveX is a
post-Internet mistake.

I still believe that a good alternative that is effective in the great
majority of typical cases is to simply by default block unexpected
attachments that arrive from unfamiliar, untrusted senders (and most
especially if those are of risky/executable types).

Let's see, what systems are built to make it easy to execute
code that arrives by mail and even often without any let, leave,
or hindrance by the user?
Vernon Schryver vjs(_at_)rhyolite(_dot_)com
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg