On Sunday 27 April 2008, Peter Humphrey wrote: > On Friday 25 April 2008 06:45:34 Alan McKinnon wrote: > > Elog messages with yellow stars should *never* be ignored. Unlike > > UAC, they are not there with the express purpose of annoying users. > > Having no knowledge of Vista, nor a wish to try it, what is a UAC? > Google tells me it's a "Universal air connection for scba", which > doesn't seem right here.
User Access Control. Microsoft's implementation of a "get authorisation to do this before doing it" thingy. There are two good ways to do this and a plethora of wrong ways. The right ways: 'su -' and become root where everything is allowed. 'sudo' or a gui derivative. If the user has been authorized by root, just run the whole command with root priviledges as the user can obviously be trusted. Microsoft's wrong way: Intercept every single action that requires root priviledges and give a popup to confirm. Half the time the user has no idea what the machine is on about and just clicks "Yes". Heck, I was trying to install OpenVPN on Vista and had no idea what it was on about half the time, and I have 20 years solid technical experience backing me up. WHat chance does Aunt Tilly or your grandma stand? Microsoft's stated reason for this is to annoy users so much that they will annoy 3rd party developers who will write software that doesn't need root to install. Hmmmm. I dunno, I have a healthy tin foil hat. Here's what I think: Users will become so annoyed with UAC that they will find the hidden box that says "click here to never receive these popups again" and blog it. Many users will do it, Microsoft doesn't have to bother with security all that much anymore and we are back to XP behaviour with machines infested with malware, opening up a nice revenue stream for "New! Improved! Microsoft Anti-Virus!" (and taking out Norton in the process). Except this time it's not the default behaviour, the user deliberately clicked the button so they take responsibility now and Microsoft is off the hook for deliberately shipping unsafe software that does not perform to reasonable expectations. Sudo is so much better and infinitely less intrusive. It's also a solved problem years ago. Why didn't they use it? </end of rant> -- Alan McKinnon alan dot mckinnon at gmail dot com -- gentoo-user@lists.gentoo.org mailing list
