Re: Weird situation
- From: "Barton L. Phillips" <barton@xxxxxxxxxxxxxxxxxx>
- Date: Sat, 16 Dec 2006 18:49:21 GMT
Ertugrul Soeylemez wrote:
"Barton L. Phillips" <barton@xxxxxxxxxxxxxxxxxx> (06-12-16 06:09:22):I certainly agree and don't get me wrong I HATE Windows. As far as I am concerned Windows is and has always been broken. Year after year Microsoft has added new features but has seldom really fixed any of the standing problems.
I have seen a lot of enterprise Windows shops and almost all of them
have a VERY restricted user policy. No casual user has "Administrator"
(root) privilege. These shops are just a locked down as any Unix shop
and in some cases more locked down as they also use policies to
restrict use of applications and ACL (access control lists) to
restrict privileges (something which Linux has only recently started
to support). These enterprise shops have a full time staff of IT
people that have been trained and get good pay. End users do NOT under
any circumstance get to install anything. It can be pretty draconian
but it works just like the Sun shops I worked in. If you need it done
you have to call the IT people who come and do it and leave.
Most people just don't have the understanding or patience for this at
home. Windows biggest problem, in my opinion, has been there is no
equivalent to su or sudo. Windows does have a "Run As" mechanism but
it is disabled by default and it is just too hard to make work, if
fact it is just plane broken. Linux distributions like Ubuntu make it
pretty easy for a person to keep from living as root. The sudo
mechanism works pretty well, though it is a problem if a person is too
uninitiated. It is also not a good distribution, in my opinion, for an
enterprise shop as it is too easy to be root and destroy everything.
I hope I don't get flamed for this. As I said it is just my opinion
and I could be wrong.
In some matters, yes. The problem of Windows is, that security means
restriction. To secure something up, you need to prohibit at least this
particular thing. For example, in Linux you can do almost anything as a
normal user, besides changing system-wide things.
In Windows, such a configuration is not possible. Some people might
consider this security by obscurity. Like I have to prohibit my
children from turning on the TV themselves, so I get control over which
programs they watch.
Regards,
E.S.
Having ranted the above, I have worked in environments where Windows has been made to work and is pretty darn secure. This has taken tremendous effort from the IT staff and an enlightened management but it was done. The poor IT guys had to come in in the middle of the night to do almost all upgrades and patches because every machine in the enterprise would have to be rebooted many times during the process. However, with dedication and a awful lot of very hard work Windows can be made usable and basically secure.
Why anyone would want to go through such pain is hard for me to understand, especially now with so many very good and usable alternatives. But then again what do I know?
.
- Follow-Ups:
- Re: Weird situation
- From: Ertugrul Soeylemez
- Re: Weird situation
- From: Moe Trin
- Re: Weird situation
- References:
- Weird situation
- From: Andy C.(never #)
- Re: Weird situation
- From: Matt Hayden
- Re: Weird situation
- From: Matt Hayden
- Re: Weird situation
- From: s. keeling
- Re: Weird situation
- From: Andy C.(never #)
- Re: Weird situation
- From: Moe Trin
- Re: Weird situation
- From: Andy C.(never #)
- Re: Weird situation
- From: Moe Trin
- Re: Weird situation
- From: Barton L. Phillips
- Re: Weird situation
- From: Ertugrul Soeylemez
- Weird situation
- Prev by Date: Re: Could this have been expected
- Next by Date: Re: Could this have been expected
- Previous by thread: Re: Weird situation
- Next by thread: Re: Weird situation
- Index(es):
Relevant Pages
|
|
