Language Selection

English French German Italian Portuguese Spanish

Fewer permissions are key to Longhorn security

Filed under
Microsoft

Software engineers who attend Microsoft's (Profile, Products, Articles) annual Windows Hardware Engineering Conference later this month could get their first taste of a new Windows user permissions model that could change the way thousands of programs are developed and run. But as the company prepares for the final Longhorn development push, questions remain about its plans for a new user privileges model called Least-Privilege User Account, or LUA.

Microsoft claims that LUA will make life tougher for hackers and virus writers by limiting access to administrator permissions on Windows systems. But the company has been mum in recent months about its plans for implementing LUA in Longhorn, and it is considering incentives to encourage adoption of LUA (pronounced "Loo-ah") by skeptical ISVs (independent software vendors), including a new logo program for LUA compliance, according to interviews with ISVs and industry experts.

Least permissions is a principle of computer security that recommends giving software applications and their users no more privileges on an operating system than are absolutely necessary. Widely accepted within the software development community, least permissions has often been overlooked in recent years, as operating system and application software companies worked to make it easier to use software, said John Pescatore, vice president of Internet security at Gartner.

Microsoft said it will encourage the use of least permissions in Longhorn by making it easier for users to do common tasks without administrator privileges. For example, the company may modify Windows so reduced permissions users can alter display and power management settings on their machine and use VPN (virtual private network) technology more easily. Other changes will allow developers to create per user installations of applications, with user-specific settings saved in the "my programs" folder, rather than a globally accessible program files directory that requires administrative permissions to change, according to documents and presentations on Microsoft's Web page.

Full Story.

More in Tux Machines

Vector Linux 7.1 Light

If you find yourself needing a new firefox but your computer and glibc is too old, Vector Linux 7.1 light will fit the bill. People who are more comfortable with a SysV style init over systemd will breathe a sign of relief. All in all VL 7.1 is a viable choice for users who wish to continue using their older computers with a modern web browser. Read more

Ubuntu Touch OTA-9.5 Hotfix on Its Way to Fix the Big Mir Issue on Ubuntu Phones

Canonical's Łukasz Zemczak today informs us that the Ubuntu Touch development team is considering and preparing to release the promised OTA-9.5 hotfix to Ubuntu Phones users to fix the big Mir issue that made users' smartphone unstable. Read more

Open Source Desktop: Good News and Bad News

The good news is that open source has become the leader on the desktop. The bad news is that a single desktop is not the leader, and that leadership on the desktop may no longer matter. Obviously, the first statement needs qualifications. It clearly does not refer to the number of users, since officially Linux has yet to break 2%, although, depending on your logic, the actual figure might be several times higher. Read more

KDE Applications 16.04 Release Schedule

The release schedule for the upcoming KDE Applications 16.04 bundle has been firmed up. The approved release schedule puts the KDE Applications 16.04 release on 20 April, while leading up to that is the dependency freeze on 16 March, the 16.04 freeze and beta release on 23 March, and the release candidate on 6 April. Read more