Language Selection

English French German Italian Portuguese Spanish

Fewer permissions are key to Longhorn security

Filed under
Microsoft

Software engineers who attend Microsoft's (Profile, Products, Articles) annual Windows Hardware Engineering Conference later this month could get their first taste of a new Windows user permissions model that could change the way thousands of programs are developed and run. But as the company prepares for the final Longhorn development push, questions remain about its plans for a new user privileges model called Least-Privilege User Account, or LUA.

Microsoft claims that LUA will make life tougher for hackers and virus writers by limiting access to administrator permissions on Windows systems. But the company has been mum in recent months about its plans for implementing LUA in Longhorn, and it is considering incentives to encourage adoption of LUA (pronounced "Loo-ah") by skeptical ISVs (independent software vendors), including a new logo program for LUA compliance, according to interviews with ISVs and industry experts.

Least permissions is a principle of computer security that recommends giving software applications and their users no more privileges on an operating system than are absolutely necessary. Widely accepted within the software development community, least permissions has often been overlooked in recent years, as operating system and application software companies worked to make it easier to use software, said John Pescatore, vice president of Internet security at Gartner.

Microsoft said it will encourage the use of least permissions in Longhorn by making it easier for users to do common tasks without administrator privileges. For example, the company may modify Windows so reduced permissions users can alter display and power management settings on their machine and use VPN (virtual private network) technology more easily. Other changes will allow developers to create per user installations of applications, with user-specific settings saved in the "my programs" folder, rather than a globally accessible program files directory that requires administrative permissions to change, according to documents and presentations on Microsoft's Web page.

Full Story.

More in Tux Machines

Uselessd: A Stripped Down Version Of Systemd

The boycotting of systemd has led to the creation of uselessd, a new init daemon based off systemd that tries to strip out the "unnecessary" features. Uselessd in its early stages of development is systemd reduced to being a basic init daemon process with "the superfluous stuff cut out". Among the items removed are removing of journald, libudev, udevd, and superfluous unit types. Read more

Android One: Let us fill you in on Google’s big game

India is now the world’s third largest Internet market and “on a bullet train to become the second”. But even when we become the second with around 300 million Internet users, India would still have over 75 per cent of the population that has no access to this so-called information superhighway. It is this chunk of population that will form the “next billion” which companies like Nokia, and now Google, has been talking about. And it is this next billion that Google thinks will line up to buy and good smartphone that is also affordable. Read more

Mesa Gets Closer To Having OpenGL 4.0 Tessellation Support

A significant patch-set was published on Saturday night that implements the driver-independent bits of OpenGL 4's ARB_tessellation_shader extension inside Mesa. The tessellation support has been one of the big pieces missing from Mesa's OpenGL 4 implementation and fortunately it's getting close to mainline. Chris Forbes of Intel published fifty-six patches this weekend that implement the driver-independent portions of the extension inside Mesa. Of course, the driver portions still need to follow for it to be useful. Read more

Small Console Menu Utilities

One of the great strengths of Linux is the whole raft of weird and wonderful open source utilities. That strength does not simply derive from the functionality they offer, but from the synergy generated by using them together, sometimes in conjunction with applications. The Unix philosophy spawned a "software tools" movement which focused on developing concise, basic, clear, modular and extensible code that can be used for other projects. This philosophy remains an important element for many Linux projects. Good open source developers writing utilities seek to make sure the utility does its job as well as possible, and work well with other utilities. The goal is that users have a handful of tools, each of which seeks to excel at one thing. Some utilities work well on their own. This article looks at four tiny utilities that offer menu facilities. They get virtually zero coverage in the Linux press, so you may not have heard of them before, but they are well crafted and might just fit the bill. Read more