Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Patents sudo

Posted by michael on from the you're-just-mad-you-didn't-think-of-it-first dept.

Jimmy O Regan writes "Justin Mason (of SpamAssassin fame) has this blog entry: US Patent 6,775,781, filed by Microsoft, is a patent on the concept of 'a process configured to run under an administrative privilege level' which, based on authorization information 'in a data store', may perform actions at administrative privilege on behalf of a 'user process'."

11 of 663 comments (clear)

  1. Prior Art? by aweraw · · Score: 5, Interesting

    So, I guess the prior art will be easy to show... right?

    --
    5468652047616D65
    1. Re:Prior Art? by PW2 · · Score: 4, Interesting

      More prior art: A co-worker of mine has a working application that runs as a priveleged user and is used to start and stop custom NT services after receiving RPC calls from a client application that we are using so that we don't need permanent admin access to start and stop the services. This was a result of Sarbanes-Oxley -- I miss the good access I had in 1999 when I was the DBA, sysadmin, developer, etc. Now I'm only the developer.

  2. Proof of concept? by Penguinoflight · · Score: 4, Interesting

    I don't think I've seen a true unprivileged user under an M$ system yet. Everyone is talking about previous art, which is definitly around, but I'd say make M$ prove they actually understand sudo before you start complaining about "I saw it first."

    --
    "And we have seen and do testify that the Father sent the Son to be the Savior of the World"
    1 John 4:14
    1. Re:Proof of concept? by horatio · · Score: 4, Interesting

      I agree. I also have to agree with an earlier post which mentioned punishing those who patent what they know already has prior art.

      Problem is, I have seen this unprivileged user, and its broken. A few years ago we split our NT accounts in the IT office I worked in into 'priv' and 'non-priv' accounts for each of us. Previously, our typical logins had all the admin privs to do whatever we needed on the workstation.

      The plan was that we could use the win2k/xp version of 'su' (whatever it is called, I don't remember) to do things that needed elevated privs. IT DIDN'T WORK. Some of the child processes, for example, of burning a CD would spawn as your unprivileged context - meaning you couldn't burn a damn CD. You had to log out, and log back in with your priv account for a simple task like burning a CD.

      I think its great how Microsoft steals ideas from other people (*cough*NIX), comes up with a totally frelled implementation that many times doesn't work - and then A) breaks the existing standards, B) goes off and patents the idea as their own or C) both

      Perhaps Microsoft's division which is doing all this should simply be retitled "Patent Whores"

      --
      There is very little future in being right when your boss is wrong.
  3. You know something... by neiras · · Score: 5, Interesting

    The American patent system is so out of control, it's unbelievable. The companies that abuse the overworked, underqualified patent office to stack up dubious patents for future ammunition against competitors ought to be sanctioned!

    I don't have words to express how angry this IP grab makes me - and I'm not even an American! Did the Patent Office do any looking into prior art in this case at ALL?

    Whose brilliant idea was it to give corporations the same legal rights as an individual? I wonder if this kind of crap would happen if only individual inventors could apply for patents, whether or not they were funded by a company that paid for their research. Hell, make it illegal for companies to defend patents or fund the defense of their employees' patents - make it up to the inventor to go to court and defend themselves! Jail time if prior art is found!

    Research would still get funded, but only for the purpose of improving products, not for expansion of intellectual property portfolios.

    IANAL (obviously), I know these are probably stupid suggestions, but damn it, we need some extreme methods to match the extreme opportunism shown by these companies. Anyone else have other pie-in-the-sky, impractical ideas for changing the US patent system? ;)

  4. This is getting ridiculous by Mr.+Cancelled · · Score: 5, Interesting

    Companies are getting rich by stealing the future inventions of people with these generic fucking patents. What are the odds that those who invented the patenting process actually envisioned it being twisted around and allowing people to patent ideas, and concepts, the like of which they themselves have no idea how to achieve.

    The idea of a patent is, or at least should be, to patent an invention. Not some task or distant goal which you can imagine some day being achieved, but are unable to currently achieve yourself.

    Imagine if Ford had been able to patent the automile in generic enough terms so that any motorized land vehicle was covered... Where would we be today Wine makers had patented the fermentation process before beer had existed?

    IMHO, patents should be for very specific inventions, and processes, which you have invented, and can accurately demonstrate at the time of patent request, and which of course didn't exist in it's current form prior to your invention

    The computer industry, and it's money sucking lawyers have been allowed to chisel away at the wording and verbiage of the patent laws to such an extent that you are now able to patent just about any idea/concept someone may have down the road. Just think about the stifling of innovation if those science fiction writers of the 50's had patented all that they foresaw.

    What makes me mad is that no one has yet come forward and shown prior artwork for a patent on lawyer wielding companies who make their money by exploiting the ideas and innovations of others through a series of generic and vaguely worded patents and threats. Perhaps then this whole mess would disapear.

  5. My Theory by TheSpoom · · Score: 4, Interesting

    My theory is that Microsoft is patenting all these things so they can use it as part of a marketing campaign to PHBs when Longhorn comes out. Something to the effect of, "Why take the risk of running Linux when we own the patents on everything they use?" I know a few people it would convince pretty easily... Tis all FUD.

    --
    It's better to vote for what you want and not get it than to vote for what you don't want and get it.
    - E. Debs
  6. Gnome Pager - patented by Microsoft by iive · · Score: 5, Interesting

    It's an old news, but I wonder have slashdot crowd found out this patent:

    http://appft1.uspto.gov/netacgi/nph-Parser?Sect1=P TO2&Sect2=HITOFF&p=1&u=%2Fnetahtml%2FPTO%2Fsearch- bool.html&r=1&f=G&l=50&co1=AND&d=PG01&s1=200301895 97&OS=20030189597&RS=20030189597

    The most interesting part is the images. There you can actually see the Gnome logo. (There is an extra karma bunus for the first who find the KDE logo;)


    So Microsoft have already begun patenting Linux.
    It is true that M$ cannot buy GPL code, but it can buy the coders.

    Now, guess what will happen after the fiaSCO is over.

  7. Re:A brief history of SUDO by Flower · · Score: 4, Interesting

    Bruce Perens brought this up in a previous patent article and I can't find the post atm. IIRC, it's a criminal offense to knowingly file a false patent. I would assume it falls under perjury. Of course, you don't see anybody actually being prosecuted for this.

    --
    I don't want knowledge. I want certainty. - Law, David Bowie
  8. Re:Claim seems valid by sploo22 · · Score: 4, Interesting

    I can certainly see how this could apply to sudo.

    executing an administrative security process under the administrative privilege level;

    bash forks/execs the sudo process, which gains root privileges through the setuid bit.

    the administrative security process accepting a request from a user process executing under the non-administrative privilege level to initiate a particular administrative method

    The request is passed on the command line and accepted by sudo.

    the user process calling the administrative security process with parameters comprising (a) an identification of the particular administrative method and (b) arguments to be provided to said particular administrative method; and

    Now, this depends on your definition of a method. If an executable program counts as one - and it should, as most administrative tasks under UNIX use separate commands - then this fits perfectly.

    the administrative security process calling the identified particular administrative method on behalf of the user process and providing the arguments to said identified particular administrative method.

    Sudo execs the requested program. QED.

    The thing is, the patent doesn't specifically say the privileged process has to handle multiple requests. Sudo DOES run in its own process before it transfers control.

    --
    Karma: Segmentation fault (tried to dereference a null post)
  9. Re:maybe not so easy by aweraw · · Score: 4, Interesting

    So, it's somewhat questionable if sudo would really block the claims. I'm sure if one were to send the patent office the sudo info, MS would argue that they have an "already running admin. process" that then actively accepts requests from other user processes.

    you may be correct... I wonder, in security terms, if its a good idea to have such a thing constantly on, like you describe.

    --
    5468652047616D65