On Sun, Dec 14, 2008 at 1:37 PM, Paul Hill <[email protected]> wrote:
>
> http://en.wikipedia.org/wiki/Windows_nt
>
> "NT supported per-object (file, function, and role) access control
> lists allowing a rich set of security permissions to be applied to
> systems and services."

I would suggest that security is far more complex than simple feature
lists. That downloads are immediately executable is a huge flaw. That
there are many ways to disguise ActiveX controls in browsers such that
unsuspecting users download infectedware and run it on their machines
is a massive flaw.

> Basically Windows security is more fine-grained than the traditional
> Unix model (user, group, world) in that you can have much more control
> over what a user can do to a folder/file, though there is a POSIX ACL
> API (don't know much about that).

If that's all there was to security, that might be true. There are
several ways to extend the basic ACL model. The many Unix variants
have layers of security with features like SELinux, two-way firewalls,
intrusion detection facilities, etc. A skilled practitioner on any
platform, Windows, Mac or *Nix, can tune it up to the necessary level
of security, at least if we're talking about levels short of Tempest
requirements. But, out of the box in the hands of a consumer,...

> But as I said, great security is useless if the default install gives
> you admin rights...

Yep.

-- 
Ted Roche
Ted Roche & Associates, LLC
http://www.tedroche.com


_______________________________________________
Post Messages to: [email protected]
Subscription Maintenance: http://leafe.com/mailman/listinfo/profox
OT-free version of this list: http://leafe.com/mailman/listinfo/profoxtech
Searchable Archive: http://leafe.com/archives/search/profox
This message: 
http://leafe.com/archives/byMID/profox/[email protected]
** All postings, unless explicitly stated otherwise, are the opinions of the 
author, and do not constitute legal or medical advice. This statement is added 
to the messages for those lawyers who are too stupid to see the obvious.
