A Fresh Look at Vista's User Account Control 332
Art Grimm writes to mention a post at Ed Bott's Microsoft Report on ZDNet. There, he talks about Vista's User Account Control, and the issues he sees with the setup as it exists now. From the article: "The UAC prompts I depicted in the first post are those that appear when you install a program, when you run a program that requires access to sensitive locations, or when you configure a Windows setting that affects all users. But as many beta testers have discovered, UAC prompts can also show up when you perform seemingly innocent file operations on drives formatted using NTFS. In this post, I explain why these prompts appear and why some so-called Windows experts miss the obvious reason (and the obvious fix)."
Re:This is not a good approach (Score:3, Interesting)
Re:Soon, Same As It Ever Was (Score:2, Interesting)
I always thought the best model for Aunt Sally would be a keyswitch on the front of the computer. Similar to those round-key locks that used to prevent boot-up.
If a program wants write access to Program Files, a dialogue box will pop up asking the user to turn the keyswitch to admin mode.
Now, hopefully Sally won't turn the keyswitch unless she knows she's trying to install something.
Games -vs- firewalls (Score:3, Interesting)
uh.. (Score:2, Interesting)
Re:Get a Mac. (Score:3, Interesting)
Vista's security model doesn't seem to ask for credentials in stupid places, unless the article writer believes that modifying the system folder should be the perogative of every user. What it does (Especially when running user apps) is show just how much applications rely on priveledged accounts. If the developers can get the program to work as expected without relying on admin rights, it will make users stop and think "Woah, why is this asking me for the admin password? What is it trying to do?"
I have no objection to being prompted every time something wants to mess with a system file. I object to being prompted every time something wants to mess with a system file because the application is piss-poorly designed.
It's worse than that actually (Score:3, Interesting)
Unless Vista allows customizing generic "UAC" dialog (with an image or a text) or easily authenticate it in some other way, UAC being ON appears to pose a greater risk to a system security then when it is OFF.
Re:Problem/Issue is obvious if you understand Unix (Score:3, Interesting)
Foreign is the right word, but the problem is more extensive and pervasive than familiarity or experience. First there is that mess called the registry and its tortured permission structure. Then there is an incoherent file system hierarchy where anything can be just about everywhere, except for what's supposted to in SYSTEMROOT or system32, which is where everything gets dumped anyway to avoid creating a path that's a mile long. Then there's Windows bizarre concept of file ownership. I create a file, but some other group owns it instead, but it's almost always executable by everyone, so no worries, right? Executable JPGs and GIFs and text files. LOL. Short of right-clicking one's way through the registry and file system, I doubt anyone knows and or manages anything, Microsoft included. And then, of course, there's all those services
Sorry, but Microsoft will have to reinvent themselves a few more times before they discover Unix and these problems go away. These perennial discussions of "running as Administrator" vs. "running as a member of the Administrator's Group" vs. "running with limited privileges" obscure the real problems, and New and Improved Changes by Microsoft only mitigate the existing chaos. Get a typical home user to run with low privileges? Woohoo. That takes care of everything, doesn't it?
DOS-style attributes in combination with an overcomplex ACL/policy-based system and a nutty bunch of default user and group acounts (SYSTEM, anyone?) is painful enough without the embarassing lack of tools. I give it a few more years before they get round to giving us a terminal window in which perms and ownership are clear and visible, using chmod and chown become standard practice, and an appropriate umask can be defined. Should I hold my breath, I wonder?