I think you misunderstood how Registry works. All registry are only writable by admin except HKEY_CURRENT_USER, which is a separate file sotred in each users home directory. A well-designed application will store global settings in HKEY_LOCAL_MACHINE and user-specific settings in HKEY_CURRENT_USER. That's why backing up your home directory will also back up your user registry settings. In addition, there is an ACL for each key-value pair for fine-grained security. Running as Admin will be a problem because spyware can modify HKLM to enable launching spyware as startup for ALL users. (think/etc/profile) Running as normal user will be less problematic because spyware can only modify HKCU to enable startup on current user. (think ~/.bashrc)
The phrase "part of the OS" is in the sense of sh is part of Linux distribution. IE code runs in Userland. There is nothing magical about it. IExplorer.exe is jsut a tiny piece of frontend-like program that calls this huge MSHTML library, which many windows applications depend on. And they are all user land applications.
If you said something about most people run IE as Admin, I would believe you. But that's not really the issue here because most spywares and viruses and mass mailers can be installed in the home directory without any problem. ("PREFIX=~./configure" anyone?)
At where I work we are given at least two machines and can install whatever we want, including dual boot to other OS's. We are also allowed to listen to mp3 all the time while coding. Guess it's different culture.
So you are basically saying that lack of sandboxing limits the users control to their own machines. Seti@home runs perfectly fine in a heterogenius envirnment. distcc runs fine given that you have the right version of cc or cross compiler on that machine. you can even rlogin to usermode linux or vmware or something. It's your implementation that force you to put a DRM on each machine and take away users' power to do whatever they like to their own machine.
The environment you described is a situation where many people share a few machine. But in Microsoft people are given multiple machines to just play around. Nothing is really shared except files on file servers. You also ignored the fact that Those are local admins, not DOMAIN admins. People cannot screw with other people's files no matter what if the admin rights are only local to users' own machines. Why would you want other people to At the end you also give an invalid example on how those rlogin machines have to be locked down. It has nothing to do with people's desktops. Do you rlogin to reception desk's computer to build a project? Think not.
Then what's the difference from giving the user admin access to his own machine? stuff in/bin or/etc are hardly critical compared to the data in your home directory, say, checked out source codes. IT people probably already have backup of those common directories but not user diretories.
Slashdot Mirror
What did you do to make Sony's period late?
Maybe you should check out GB18030
vi and emacs?
A Recursive head!
I think you misunderstood how Registry works. All registry are only writable by admin except HKEY_CURRENT_USER, which is a separate file sotred in each users home directory. A well-designed application will store global settings in HKEY_LOCAL_MACHINE and user-specific settings in HKEY_CURRENT_USER. That's why backing up your home directory will also back up your user registry settings. /etc/profile)
In addition, there is an ACL for each key-value pair for fine-grained security.
Running as Admin will be a problem because spyware can modify HKLM to enable launching spyware as startup for ALL users. (think
Running as normal user will be less problematic because spyware can only modify HKCU to enable startup on current user. (think ~/.bashrc)
Bite my shiney metal ass.
Uh... See this.
Except they forgot to put IE inside.
We use agile programming methods.
It seems they are offering free downloads for one year.
I'm getting 4000kb/s at work.
Informative?
We can create a micro-license which people can load modules to add more clauses to it.
You are confused UTF-16 with UCS2. UTF-16 has surrogates to represent the entire Unicode table.
The code is the comments.
I think you computer's infected because iexplorer.exe does run as
Read the second half of my comment.
You rip the drive out and stick into another computer. If there is encryption, superuser won't solve it anyway.
I am the only user on the machine and I compile things everyday. So I use nosuid instead of noexec. It suits my need better.
That would cause major inconvenience to the users. And you forgot the more dangerous places such as /tmp
And you believe everything Ballmer said?
The phrase "part of the OS" is in the sense of sh is part of Linux distribution. IE code runs in Userland. There is nothing magical about it. IExplorer.exe is jsut a tiny piece of frontend-like program that calls this huge MSHTML library, which many windows applications depend on. And they are all user land applications.
If you said something about most people run IE as Admin, I would believe you. But that's not really the issue here because most spywares and viruses and mass mailers can be installed in the home directory without any problem. ("PREFIX=~ ./configure" anyone?)
At where I work we are given at least two machines and can install whatever we want, including dual boot to other OS's. We are also allowed to listen to mp3 all the time while coding. Guess it's different culture.
So you are basically saying that lack of sandboxing limits the users control to their own machines. Seti@home runs perfectly fine in a heterogenius envirnment. distcc runs fine given that you have the right version of cc or cross compiler on that machine. you can even rlogin to usermode linux or vmware or something. It's your implementation that force you to put a DRM on each machine and take away users' power to do whatever they like to their own machine.
The environment you described is a situation where many people share a few machine. But in Microsoft people are given multiple machines to just play around. Nothing is really shared except files on file servers.
You also ignored the fact that Those are local admins, not DOMAIN admins. People cannot screw with other people's files no matter what if the admin rights are only local to users' own machines.
Why would you want other people to
At the end you also give an invalid example on how those rlogin machines have to be locked down. It has nothing to do with people's desktops. Do you rlogin to reception desk's computer to build a project? Think not.
Then what's the difference from giving the user admin access to his own machine? stuff in /bin or /etc are hardly critical compared to the data in your home directory, say, checked out source codes. IT people probably already have backup of those common directories but not user diretories.