PDA

View Full Version : Sudo in Windows Vista!



Nequeo
August 17th, 2005, 05:24 AM
Thought this was interesting...

http://www.winsupersite.com/reviews/winvista_beta1_03.asp



Behind the scenes, Windows Vista is running under a vastly reduced privilege level automatically. When the system requires an elevated privilege level, the dialog appears and you provide a password. This password is good only for the action you initiated. Everything else you do--even while the elevated action runs--happens with reduced privileges.


Sound familiar? :)

professor_chaos
August 17th, 2005, 05:30 AM
Ha, figures. Everything else was hacked, why not sudo.

Morpheus: Unfortunately, no one can be told what the Matrix is. You have to see it for yourself.

Morpheus: The Matrix is a system, Neo. That system is our enemy. But when you're inside, you look around, what do you see? Businessmen, teachers, lawyers, carpenters. The very minds of the people we are trying to save. But until we do, these people are still a part of that system and that makes them our enemy. You have to understand, most of these people are not ready to be unplugged. And many of them are so inert, so hopelessly dependent on the system, that they will fight to protect it.

sapo
August 17th, 2005, 05:55 AM
I m sure that the first thing that most windows users are gonna do is DISABLE this feature cause they are gonna say that the password window is annoying...

And off course that it is gonna have a "disable" button, or maybe when you install windows its gonna ask if you want to enable it or not....

Windows XP has a admin password.. but i never used it.. always left it blank.. why do you think people are gonna use this stuff?

Nequeo
August 17th, 2005, 06:27 AM
I don't.

You are absolutely right, there will be an 'off' switch. And they probably will turn it off (though rumour is that it will be switched on by default). In fact, the article goes so far as to state that the sheer number of windows processes that cause that pop-up box to appear is alarming, and will annoy people.

I just find it amusing that this is reguarded in the MS world as 'innovation'.

drizek
August 17th, 2005, 06:41 AM
the features can be turned off on first boot. you get a dialogue asking you if yo uwant to keep it or not, and the deafult action is no.

poofyhairguy
August 17th, 2005, 08:10 AM
Thought this was interesting...

http://www.winsupersite.com/reviews/winvista_beta1_03.asp



Sound familiar? :)

Windows programs that need to run as an administrator won't all work with it I bet. Programs will have to be designed for it, and people will just run as an admin anyway.

jerome bettis
August 17th, 2005, 09:54 AM
http://common.ziffdavisinternet.com/util_get_image/10/0,1425,sz=1&i=102880,00.jpg

doclivingston
August 17th, 2005, 10:13 AM
The problem is that quite a few windows applications, both free and commercial, won't run if they don't have administrator access. This is due to them doing things they are not supposed to, such as writing to their directory in "Program Files".

The end result is that to use those programs users are going to have to enter the password *every* time they run one of those apps, or just disable it. You can guess which is going to happen.

newbie2
August 17th, 2005, 08:51 PM
http://www.ehomeupgrade.com/entry/1182/what_windows_vista

Takis
August 18th, 2005, 12:09 AM
http://common.ziffdavisinternet.com/util_get_image/10/0,1425,sz=1&i=102880,00.jpg
I don't usually say this but

OMFG
Microsoft ought to be SHOT. Then hung, drawn and quartered. Then burnt and its ashes spread to the corners of the Earth. I can't express just how much this has really aggravated me.

Brunellus
August 18th, 2005, 12:13 AM
I don't usually say this but

OMFG
Microsoft ought to be SHOT. Then hung, drawn and quartered. Then burnt and its ashes spread to the corners of the Earth. I can't express just how much this has really aggravated me.
they're providing the 'windows experience' to their users.

give 'em what they want.

Nequeo
August 18th, 2005, 12:33 AM
I guess Mr Flibble really is cross!

The sad thing is, I believe Microsoft has the weight and leverage needed to force 'sudo' or least-privaledged-user, or whatever they call it, on people. Really, they are huge. If they made it non-intuitive to turn off... and they kinda implied, (while tapping a crowbar against their thighs), that developers ought to pay attention to this kind of thing... Well, perhaps things might change for the better a little.

But that box! *shudder*

Working as an IT consultant, it has become perfectly clear to me that your average computer user does not look at the screen.

Seriously. We had one client who managed to run Microsoft Word 50 times without activating it, and then call us in a panick when it stopped working. That means they clicked 'cancel' 50 times without once stopping to read that box that was popping up on their screen. This is not unusual behaviour.

Anyway. It's Not My Problem anymore. Sorry for the rant :)

Tiede
August 18th, 2005, 01:34 AM
here is something else intersting...Microsoft is catching on on Unix-like linking.

From the Part 2 (http://www.winsupersite.com/reviews/winvista_beta1_02.asp) Virtual Folders don't actually contain anything per se. They're not "real" folders. You can't save a document to the All Documents Virtual Folder, but you can save a document to the Documents folder. Once you've saved that file, however, it will appear in both locations

Solomon
August 18th, 2005, 03:36 AM
Let's all face the fact. Windows Vista will be a piece of crap just like every other Microsoft product has been. An example of this is on the IE blog. IE7 will support webstandards but will not adhere to them all. They just "dont have time" to make IE support ALL webstandards which I find to be absolutely hilarious. Too many bathroom breaks if you ask me.

This new Sudo like approach... It makes me laugh. Its still part of Windows thus making it useless.

darkmatter
August 18th, 2005, 03:55 AM
http://common.ziffdavisinternet.com/util_get_image/10/0,1425,sz=1&i=102880,00.jpg

Ha! Talk about defeating the purpose of security.

More of Microsoft's "Don't read, Just click" policy.

Kerberos
August 18th, 2005, 04:28 AM
Looks to me that Microsoft is just trying to fix the 'everyone is root' situation. This is beta software, not final so any absolute judgements on it are meritless anyway as thats the whole point of a beta isn't it?

Also out of interest does anyone have a better solution that doesn't break backwards compatibility with just about everything?

endy
August 18th, 2005, 05:00 AM
Seems like MS are in a tricky situation, they allowed developers to assume root privilage and now they see the security benifit of changing that. However imagine how many businesses WONT upgrade to vista if they have to re write all their custom apps...

MS should start from the ground up I think, but then why bother they should just use a linux or BSD base and work from there... chances of this happening? :P

I tried to run XP in a limited account and it's almost impossible to get much functionality from it on a day to day basis, not to mention games didn't work :(

WildTangent
August 18th, 2005, 05:04 AM
so, windows will have its own pseudo sudo©....

LOL im sorry, i had to...

the term "pseudo sudo" © Justin Hayes 2005

-Wild

Brunellus
August 18th, 2005, 05:45 AM
Looks to me that Microsoft is just trying to fix the 'everyone is root' situation. This is beta software, not final so any absolute judgements on it are meritless anyway as thats the whole point of a beta isn't it?

Also out of interest does anyone have a better solution that doesn't break backwards compatibility with just about everything?
nope.

And there's the rub: windows has had this problem from its very inception. *nix systems were never built this way, and thus never had this problem.

It's just two different ways to run a computer. Each has its consequences.

weasel fierce
August 18th, 2005, 05:50 AM
Well, its a step in the right direction.

Im rather dubious that this will work, without massive compatibility issues, but its better than what they have done so far

doclivingston
August 18th, 2005, 05:53 AM
Seems like MS are in a tricky situation, they allowed developers to assume root privilage and now they see the security benifit of changing that.

It's not so much that they let developers assume root privileges, it's that with 95/98/ME there was nothing but root privileges.

GreyFox503
August 18th, 2005, 06:16 AM
I always wondered what the purpose of the 'Administrator' account was on a Windows machine. I've never had to log into it once for any reason, except out of curiosity. Have any of you ever had to use it?

WildTangent
August 18th, 2005, 06:23 AM
I always wondered what the purpose of the 'Administrator' account was on a Windows machine. I've never had to log into it once for any reason, except out of curiosity. Have any of you ever had to use it?
nope. i can do anything the administrator account can do from the comfort of my own account :P oh wait...i do recall one time when i used it. this was before i had my own computer, my parents grounded me from the computer, and put passwords on all the accounts. but the administrator account doesnt show in the user control panel, and it didnt have a password by default. a simple double tap of ctrl+alt+del at the welcome screen, with no one else logged in gives you the classic login prompt, so i logged into admin to catch up on my emails :P

-Wild

drizek
August 18th, 2005, 06:23 AM
I always wondered what the purpose of the 'Administrator' account was on a Windows machine. I've never had to log into it once for any reason, except out of curiosity. Have any of you ever had to use it?
AFAIK, its for when you **** up your normal account and you need admin privelages to make a new one.

also used in safe mode.

nrayever
August 18th, 2005, 06:24 AM
nice try for M$ for trying to copy sudo function. but as was told in this thread: must winbugs users don't even read what's about the warning window. the common winbugs user just clicks on ok, and they don 't even know what they r really doing. sure must of "us" as an old M$ users did that. do u think that know is really going to change now with vista????

M$ is giving u more possibilities to f&%# up your pc, but with "pseudo sudo" privileges. so know ur really going to blow up your pc!! as a dummy "super-user!!!" NICE!!! :grin: :grin: :grin:


"pseudo-sudo" was copyrighted by WildTangent, And maybe later will be patented by WildTangent....... only if M$ haven't try it first!!! :grin: :grin: :grin:

WildTangent
August 18th, 2005, 06:26 AM
M$ is giving u more possibilities to f&%# up your pc, but with "pseudo sudo" privileges. so know ur really going to blow up your pc!! as a dummy "super-user!!!" NICE!!! :grin: :grin: :grin:
you must not have read the fine print, ive copyrighted that term ;)

-Wild

Takis
August 18th, 2005, 01:33 PM
I always wondered what the purpose of the 'Administrator' account was on a Windows machine. I've never had to log into it once for any reason, except out of curiosity. Have any of you ever had to use it?
Just one of those built in things. If it really annoys you, just go in and delete it- oh, wait, it's Windows. You can't do what you want to do because Microsoft Knows Best.

Silly Takis.

endy
August 18th, 2005, 03:37 PM
I'm surprised so many people find running XP on a limited non admin account works so well. I gave up on XP after I couldn't play Doom3 without logging in as admin :(

Root access just to play a game? Not my idea of a good OS.

WildTangent
August 18th, 2005, 10:30 PM
I'm surprised so many people find running XP on a limited non admin account works so well. I gave up on XP after I couldn't play Doom3 without logging in as admin :(

Root access just to play a game? Not my idea of a good OS.
i think you misunderstand. as far as i can see, there have not been any positive comments about the limited account. for myself personally, all my accounts on my various windows computers are admin accounts. not the super-user accounts you normally create when you make a new account and set it to admin. may be dangerous...but im very diligent when it comes to security, and i havent had a virus in over a year. then, i do run windows server 2003 on my main box, and use its highly customizeable user permissions...so i suppose that helps alot

-Wild

Takis
August 18th, 2005, 10:35 PM
I'm surprised so many people find running XP on a limited non admin account works so well.
WildTangent's right, I think we're all talking about the built-in administrative account 'Administrator' (like how there's a built-in 'Guest' account), as opposed to an account 'bob' which has administrative rights.

Back on topic:
What on earth is the point of a new security feature if the very first option you're given is to turn the thing off?
ARGH Windows has really gone and done exceptionally stupid. Why don't they open up all ports while they're at it? ](*,) ](*,) ](*,) ](*,) ](*,)

GreyFox503
August 18th, 2005, 11:29 PM
Just one of those built in things. If it really annoys you, just go in and delete it- oh, wait, it's Windows. You can't do what you want to do because Microsoft Knows Best.

I felt a shiver when I read that.... kinda disturbing.

I forgot to add that I don't have Windows installed now, so it doesn't bother me anymore. :-P

darkmatter
August 19th, 2005, 12:03 AM
Why don't they open up all ports while they're at it? ](*,) ](*,) ](*,) ](*,) ](*,)

Because most the ports are already open by default? :-P

endy
August 19th, 2005, 04:43 AM
RE: WildTangent & Takis

Ok, I see what you mean now but my point still stands - you have to run an admin level account to get work done. If that were the same in linux I guess it would be like running everything with sudo infront.

Sorry to go on and on but this is my main gripe about windows, the rest I think I can almost deal with :)

benplaut
August 19th, 2005, 06:01 AM
all ports while they're at it? ](*,) ](*,) ](*,) ](*,) ](*,)

what's the point? they're already open!

<<edit>>

woops... redundant

nrayever
August 19th, 2005, 06:28 AM
you must not have read the fine print, ive copyrighted that term ;)

-Wild

ok i have make some changes to my reply, i hope u like it!!! :grin: :grin:

nrayever
August 19th, 2005, 06:31 AM
Because most the ports are already open by default? :-P

nice answer!!, sad fo must winbugs users, but true!! linux rocks!!

poofyhairguy
August 19th, 2005, 08:40 AM
Sorry to go on and on but this is my main gripe about windows, the rest I think I can almost deal with :)

I agree. If this works it would be great. But I really don't believe this can be done without breaking a lot of old apps. And if only new apps can use it, whats the point?