Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Says Other OSes Should Imitate UAC

Posted by kdawson on from the bring-'em-down-to-our-level dept.

COA writes "Many Vista adopters find User Account Control irritating, but Microsoft thinks it's an approach other OSes should emulate. Microsoft Australia's Chief Security Adviser Peter Watson calls UAC a great idea and 'strategically a direction that all operating systems and all technologies should be heading down.' He also believes Microsoft is charting new territory with UAC. 'The most controversial aspect of Watson's comments all center around the idea that Microsoft is a leader with UAC, and that other OSes should follow suit. UAC is a cousin of myriad "superuser" process elevation strategies, of which Mac OS X and all flavors of Linux already enjoy. The fact is that Microsoft is late to the party with their Microsoftized version of sudo. That's really what UAC is, after all: sudo with a fancy display mechanism (to make it hard to spoof) and extra monitoring to pick up on "suspicious" behavior.'"

4 of 493 comments (clear)

  1. Re:Obligatory by Necron69 · · Score: 4, Informative

    Gee, that's funny. My 1989 copy of the "UNIX System Administration Handbook" has a lovely section on the usage of sudo on page 32.

    Evi Nemeth herself beat the use of sudo into my head during the Sysadmin Workshop class I took from her in '90. I used to hate it, but now I realize the old bird was right about sudo.

    The UNIX world has this crap beat by more than a decade, with plenty of published prior art.

    - Necron69

  2. Re:Obligatory by Dan+Ost · · Score: 4, Informative

    That's what the ctrl-alt-del combo is supposed to foil. A uncontentious user would remain safe by observing this, but the typical user wouldn't care (assuming they even noticed).

    --

    *sigh* back to work...
  3. Re:Or not? by jedidiah · · Score: 4, Informative

    Sudo is just fine for everyday users. Ubuntu uses it extensively to great effect. Of course it isn't implemented as a "crude command line utility" as your message implies. Sudo hasn't been restricted to that for a long time. There have likely been gui wrappers for it for as long as it's been around (through things like tcl/tk and such).

    If you think sudo requires a "black desktop", then your knowledge of Linux is at least 10 years out of date.

    --
    A Pirate and a Puritan look the same on a balance sheet.
  4. Re:Obligatory by SL+Baur · · Score: 4, Informative

    You didn't read the patent. They describe sudo in it as clear prior art, then go on to describe why their system is different and better.

    The patent is for a heirarchical security model where there are multiple levels of access not the all or nothing of sudo. Only the most privileged is like sudo, the other intermediate levels have some level of system access, but not all. It's kind of like capabilities, but a lot more limited since each higher level of security has access to all the lower levels. Fascinating and I can see why the patent was granted (I hope there's clear prior art in an MLS system of the day or even VMS, SYSPRV and SETPRV are close, but I'm not sure).