Language Selection

English French German Italian Portuguese Spanish

Fewer permissions are key to Longhorn security

Filed under
Microsoft

Software engineers who attend Microsoft's (Profile, Products, Articles) annual Windows Hardware Engineering Conference later this month could get their first taste of a new Windows user permissions model that could change the way thousands of programs are developed and run. But as the company prepares for the final Longhorn development push, questions remain about its plans for a new user privileges model called Least-Privilege User Account, or LUA.

Microsoft claims that LUA will make life tougher for hackers and virus writers by limiting access to administrator permissions on Windows systems. But the company has been mum in recent months about its plans for implementing LUA in Longhorn, and it is considering incentives to encourage adoption of LUA (pronounced "Loo-ah") by skeptical ISVs (independent software vendors), including a new logo program for LUA compliance, according to interviews with ISVs and industry experts.

Least permissions is a principle of computer security that recommends giving software applications and their users no more privileges on an operating system than are absolutely necessary. Widely accepted within the software development community, least permissions has often been overlooked in recent years, as operating system and application software companies worked to make it easier to use software, said John Pescatore, vice president of Internet security at Gartner.

Microsoft said it will encourage the use of least permissions in Longhorn by making it easier for users to do common tasks without administrator privileges. For example, the company may modify Windows so reduced permissions users can alter display and power management settings on their machine and use VPN (virtual private network) technology more easily. Other changes will allow developers to create per user installations of applications, with user-specific settings saved in the "my programs" folder, rather than a globally accessible program files directory that requires administrative permissions to change, according to documents and presentations on Microsoft's Web page.

Full Story.

More in Tux Machines

The Linux Test Project has been released for September 2015

Good news everyone, the Linux Test Project test suite stable release for *September 2015* has been released. Since the last release 272 patches by 27 authors were merged. Notable changes are: * Network namespace testcases were rewritten from scratch * New user namespaces testcases * New testcases for various virtual network interfaces * New umount2() testcases (for UMOUNT_NOFOLLOW, MNT_EXPIRE and MNT_DETACH flags) * New open() testcase (for O_PATH flag) * New getrandom() testcases * New inotify, cpuset, futex_wake() and recvmsg() regression tests + The usual number of fixes and enhancements Read more

Smart touchscreen dev kit runs Android on quad-core i.MX6

Gateworks announced a 7-inch touchscreen Android development kit, with a quad-core i.MX6 SoC, GbE, WiFi, BT, GPS, USB, serial I/O, and dual mini-PCIe slots. The Gateworks “GW11036″ Embedded Android Development Kit is aimed at easing the process of developing smart touchscreen-interfaced systems for use in a wide range of applications, including those requiring extended temperature operation. The kit builds on the company’s GW5224 single board computer, adding a 7-inch, 1024 x 600-pixel TFT display, capacitive touchscreen, wireless modules, and a customized, microSD-bootable, Android KitKat operating system. Read more

13 Ways You Can Help Desktop Linux To Grow

This is the condition when there are over 300 Linux distributions with a number of them being desktop focused. Linux was (and still) considered to be the “geek only” zone with the biggest misconception that one need to know the command line to use Linux. Times have changed. Linux is a lot more user-friendly than what it used to be in late 90’s or early 2000. The chances for Linux to gain market share is now and you definitely could help in this cause. Read more

Today and Yesterday in Techrights