[cap-talk] Whether principals' authority can increase
David Wagner
daw at cs.berkeley.edu
Wed Sep 24 13:52:15 CDT 2008
Raoul Duke write:
>as an aside, seems like there are grossly potentially 2 types of
>users: one is that you have a user who understands the computer setup
>and would not try to manually over-write /etc/password, but the other
>is your generic user who doesn't and shouldn't have to grok computer
>nuances; in the latter case, i assume it an external problem to make
>sure they don't do something bad by mistake e.g. by having OS rollback
>features.
Normally ordinary users aren't given permission to overwrite
critical system files. Doesn't that solve the particular problem
you mentioned?
(OK, some older versions of Windows where users run as administrator
do form one important exception, but Microsoft has seen the light and
is trying as hard as they can to transition everyone away from
the run-as-administrator model, so that doesn't really count in my
mind.)
More information about the cap-talk
mailing list