Windows Vista

  • Thread starter Sprinter
  • Start date
  • #26
508
1
chroot said:
Are you actually seriously asking this question?
- Warren
Yes, I really would not know any reason not to be admin....
 
  • #27
chroot
Staff Emeritus
Science Advisor
Gold Member
10,226
34
gerben said:
Yes, I really would not know any reason not to be admin....
Because people make mistakes -- even you. There's no reason to use administrator privileges when you don't need them; doing so leaves you much more vulnerable to deleting a file you didn't mean to delete, or allowing a malicious program you didn't mean to run access to critical OS components. If all you're doing is browsing the web or typing a paper, you don't need administrator access to your entire system.

This is standard operating practice in the Unix world, which is much more accustomed to multiple users; you only invoke superuser privilege when you need it to adjust something on the system, then return to your own user account when you're done.

- Warren
 
  • #28
508
1
chroot said:
Because people make mistakes -- even you. There's no reason to use administrator privileges when you don't need them; doing so leaves you much more vulnerable to deleting a file you didn't mean to delete, or allowing a malicious program you didn't mean to run access to critical OS components.
Yes, you are right that it may leave me less vulnerable but it also leaves me less powerful. I just do not like to have to type in the administrator’s password every time I want to change some setting.
chroot said:
If all you're doing is browsing the web or typing a paper, you don't need administrator access to your entire system. This is standard operating practice in the Unix world, which is much more accustomed to multiple users; you only invoke superuser privilege when you need it to adjust something on the system, then return to your own user account when you're done.
- Warren
Yes, I have heard much about this business when using Linux (I have winXP and Linux installed), but I also run Linux always as user “root”. Friends, who admittedly knew much more about computers than me, always advised me not to run it as root. However, I never understood why it was that important. I just get annoyed when I cannot access a file or a directory, or when I am not allowed to execute a file. I mean if I want to execute the file, then I want to do that, so when I find out that I first have to “sudo” it then I will do that, which has the same result as when I had the right to execute it in the first place; it only takes more effort (to make my potential mistake).
I do like the possibility to disallow other people that use my computer to make major and possibly dangerous changes to my system, but I do not see any use in limiting myself in this respect.
In my opinion the concept of limiting the rights of users seems to be useful only in managing the actions of the possibly incapable users of your system, but never in limiting your own privileges. Therefore I understand that almost all winXP users are administrators on their own systems.
Anyway, what it all comes down to is that the repetitive inquiry for the superuser password seems much like excessive asking of questions like: ”Are you really sure you want to do this?”
 
  • #29
dduardo
Staff Emeritus
1,890
3
I have no doubt people are going to become numb entering their admin password to change settings. When this happens you have a dangerous situation where people enter their password into anything that asks for it. Which just brings use back to what we have now.
 
  • #30
chroot
Staff Emeritus
Science Advisor
Gold Member
10,226
34
gerben said:
Yes, you are right that it may leave me less vulnerable but it also leaves me less powerful. I just do not like to have to type in the administrator’s password every time I want to change some setting.
On a properly configured machine, you can change almost anything you want about your own environment without ever needing to use root. The only reasons you'd need to use root are to change your filesystem structure, install OS updates, or change your startup procedures -- things you rarely do.
However, I never understood why it was that important.
The first time you accidentally rm -fR the wrong directory, you'll understand. If you're incapable of error, then I suppose this is not a concern, but most of us are not inerrant.
Anyway, what it all comes down to is that the repetitive inquiry for the superuser password seems much like excessive asking of questions like: ”Are you really sure you want to do this?”
There's more to it than that. If you're running as admin, and you visit a website that has been hijacked with some malicious content, your computer is going to become infected, and might become unusable. It wouldn't have happened if you were not running as admin.

Keep in mind that dduardo and others here are complaining that, on Windows, you DO need admin access to do practically anything. This is not the case on properly configured Linux machines, where 99% of the work most users will ever do does not require it.

Also, on Unix, running a root shell is very dangerous when you're using interactive programs on the command line. Many common programs can be coerced into running arbitrary commands through a shell; if you run these programs with root access, such attackers will also have root access.

You are correct that it's not a "big deal" in the sense that few people's personal computers contain any data valuable enough to bother with much protection against would-be attackers, and Windows is largely a personal operating system. On the other hand, immense, mission-critical servers have to be handled with every possible precaution.

- Warren
 
  • #31
14
0
Hey gerben, my computer literate uncle thought the same thing, until I managed to delete some key files on his windows desktop. Or did I just format the drive?

So, since kids tend to learn fast, what makes you think some 8 or 9 year old family member won't just go nuts on your drive?

They don't need to know some sort of L337 security hole if they have superuser by walking up to the monitor. I don't like for my screensaver to ask for my password, but it makes sure that my father doesn't get any bright ideas.

And most of the time, at least with a unix style security policy, you can execute those programs if you have permissions for it. Windows is far too broad about it's policy, which is why it sucks. I was hoping they would understand that.:frown:
 

Related Threads on Windows Vista

  • Poll
  • Last Post
Replies
22
Views
4K
  • Last Post
2
Replies
37
Views
4K
  • Last Post
Replies
20
Views
3K
  • Last Post
2
Replies
30
Views
5K
Replies
21
Views
14K
  • Last Post
Replies
6
Views
2K
Replies
1
Views
2K
Replies
39
Views
3K
  • Last Post
Replies
15
Views
1K
Replies
15
Views
8K
Top