Slashdot Mirror
Windows Users Ignoring LUA Security
blankify writes "eWeek is running a story about the least-privilege, no-admin option available in Windows (2000/XP/2003) that has been mostly ignored by end users. From the article: '"To the average user, the notion of non-admin is abstract and obscure," said Michael Howard, a senior security program manager in Microsoft Corp.'s security business and technology unit. "Most users just don't know they can set up least-privilege accounts in Windows today, and that's just a sad reality."'"
Indeed.
.
Now if the help info was just packaged in the eminently user-friendly 'info' system. .
Heh.. These accounts (non-priv / non-admin) are my corporations's default and it's an interesting battle trying to get admin privs on a local machine (need them to test several software packages we distribute). I've found that requesting an install of Adobe Photoshop will get admin privs easier than getting a piece of paper signed by immediate manager, department head, reviewed by IS, and various other sign offs.
I'm a Gentoo user at home and I'm too used to being able to modify my system to suit my needs. Some of these "need admin to run" programs are actually a nice way to get privelidge escalation without all the bureaucracy involved.
-B
I was thinking more like it could automagically pop up a vi window to a config file in a maze of folders under /etc
MS - Hello intrepid user. I know I've always allowed you to run as root before but check this out! You computing experience could be filled with and endless array of confusing dialogue boxes all basically telling you you're not root.
User - That sounds like it might suck.
MS - No no no, it's great! And it's pretty hard to implement. Oh and a whole shitload of legacy apps won't even install.
User - Why would I want that?
MS - It's safer.
User - Do you still let programs run as System?
MS - Well yes.
User - Why?
MS - Symantec asked us to support the Open Source Virus Community and we are!
This