In comp.os.linux.advocacy, Barb Dwyer
<dwyer@xxxxxxxxx>
wrote
on Fri, 5 Oct 2007 10:51:39 -0400
<47064387$0$26479$88260bb3@xxxxxxxxxxxxxxxxx>:
>
> "AHappyCamper" <@thelandfill.com> wrote in message
> news:4706270d$0$24281$4c368faf@xxxxxxxxxxxxxxxxx
>> Barb Dwyer wrote:
>>> "The Ghost In The Machine" <ewill@xxxxxxxxxxxxxxxxxxxxxxx> wrote in
>>> message
>>> news:05uft4-j07.ln1@xxxxxxxxxxxxxxxxxxxxxxxxxx
>>>> In comp.os.linux.advocacy, Barb Dwyer
>>>> <dwyer@xxxxxxxxx>
>>>> wrote
>>>> on Thu, 4 Oct 2007 15:56:34 -0400
>>>> <4705397f$0$26455$88260bb3@xxxxxxxxxxxxxxxxx>:
>>>>> "Roy Schestowitz" <newsgroups@xxxxxxxxxxxxxxx> wrote in message
>>>>> news:1296050.xuN21MHPfF@xxxxxxxxxxxxxxxxxx
>>>>>> If Mac OS had a Linux Kernel....
>>>>>>
>>>>>> ,----[ Quote ]
>>>>>> | In my opinion, if it were to happen - Microsoft wouldn't even stand
>>>>>> a
>>>>>> chance
>>>>>> | on the desktop market.
>>>>>> `----
>>>>>>
>>>>>> http://www.jameshooker.com/sitev3/?p=72
>>>>>>
>>>>> So... what if it was? Exactly what benefits would MacOS get from a
>>>>> linux
>>>>> kernel compared to the current BSD kernel?
>>>>>
>>>>> Answer: None.
>>>>>
>>>>>
>>>>> About as relevant and intriguing as the age old question of "What if
>>>>> concrete were brown - How would that change the world?"
>>>>>
>>>>>
>>>> One might also phrase the related question:
>>>>
>>>> "If Windows had a Linux kernel".
>>>
>>> Would it make a difference? AFAIK the primary problem with Windows is
>>> security. But I don't believe that the Windows kernel is the weak-link in
>>> the security model. It's the apps that people typically run as
>>> Administrator
>>> that causes the problem. You could probably stick any sort of kernel you
>>> wanted underneath the user apps but as long as people continue to visit
>>> porn
>>> sites using IE while logged in as Administrator then the security problem
>>> is
>>> going to remain.
>>>
>>>
>>>> A partial answer is at http://www.winehq.org/ .
>>>
>>>
>>>
>>
>> If Windows used the Linux Kernel, it wouldn't be 'Windows'!
>
> And if dogs had wings they wouldn't be dogs.
Ah, you have touched upon the usual subcontext. So...what is
Windows? Is it:
[1] the Windows kernel, NTOSKRNL.EXE?
[2] Or is it kernel32.DLL?
[3] Is it the Win32 API?
[4] Is it the entire enchilada?
[5] Is it none of the above?
As a digression: a winged dog, to me anyway, is interpreted
as a canine with extensions along its back that might be
akin to an eagle's wings. A dog, of course, is a domesticated
member of the species Canus familiaris, bred to many varieties.
(I'll admit to wondering how one breeds a chihuahua with a
Great Dane. But that's best explored elsewhere.)
Applications, of course, will primarily be interested in
the user-level API, implemented in, among other places,
ws2_32.lib (socket library), winhttp.lib (presumably
the WinHTTP implementation for what used to be WinInet),
and w32skrnl.lib.
>
>
>> Windows has a 'system' but, no kernel. Isn't that really the problem?
>
> Apparently the problem is that you have no idea what you're talking about.
> Windows most certainly has a kernel. Spending 10 seconds with Google would
> have prevented you from making a foolish statement like this.
Windows has/had several kernels, depending on rev.
The Win95 kernel is quite different from the WinNT kernel,
for example.
>
>
>
>> Applications can be input to the registry in an auto-execute form, that
>> most users have no idea how to eliminate. Major trouble is IE.
>
> And there are plenty of places to "hide" the startup of various
> linux apps that most users will have no idea how to eliminate.
> And your point is?
Admittedly, it's interesting to contemplate exactly how one would
deal with the issue of webpages opening IE, even though another
browser is in fact registered and in use at the time.
>
>
>> The fact that IE has absolute access to the registry is a major problem,
>> evidenced in a few posts close by to this one, today.
>
> Again you have no idea what you're talking about because IE does *NOT* have
> "absolute" access to the registry. All of the keys in the registry have an
> ACL (access control list) associated with them. IE is a user application and
> it has read and/or write access to only the keys that the user would have
> read and/or write access to.
IE is also a multilayered affair (with IE4's installation system
a spectacular example thereof, although part of that might be
convenience/laziness on the part of Microsoft back then).
Presumably, in gross terms, IE consists of:
- an executable stub
- various accessor/helper libraries (WinInet, WinHTTP, the HTML
rendering engine proper).
- registry entries for those libraries.
Fairly typical, and in no way repudiates your point;
however, for historical reasons many users run their
Windows boxes with partial Administrator privileges
(otherwise, they can't install certain software).
I have no idea whether this is finally fixed in Vista
(or the IE subpackages therein). I doubt it. That's
the root cause, really.
For its part Linux does not solve the problem either;
the installation of software at the user level, however,
is at least possible, if the software doesn't require
certain privileges, in some cases. I've not tried to
install Gnome in my user account, for example.
(PATH, on Linux, works. For the longest time PATH on
MS-DOS only took 128 chars -- if that. Thank goodness NT
fixed that.)
I'd have to look regarding Gentoo's emerge, Debian's
dpkg/apt, and RedHat/Fedora's rpm options. Not all that
hopeful here, either, but at least Linux can build on
Unix's more or less successful partitioning of the problem;
Unix was multi-user when Microsoft was just a foundling
company in 1976, after all.
>
>
>> Repeated here:
>>
>>> Media Player Exploits: New Vectors, New Threats
>>>
>>> ,----[ Quote ]
>>> | They found that a fully patched Windows XP system running SP2
>>> | with IE6 or IE7 and Windows Media Player 9 will open any page
>>> | in IE, even if the user's default browser is Firefox, Opera or
>>> | any other installed browser. This means that even when running
>>> | other browsers that are more secure, all a user has to
>>> | do is open a media file to expose the computer to all IE
>>> | vulnerabilities.
>>> `----
>
> And how does this prove that "IE has absolute access to the registry"
> exactly?
>
It shows a misunderstanding of the problem. I'm frankly
not sure how to characterize it, except in the general
way that someone's engineered an end run around Mozilla's
protections.
Therefore, the vulnerability is not in IE proper, or
any of its submodules. Unfortunately, Google is being
reticent on the particulars; best I can do is
http://www.kb.cert.org/vuls/id/783400
which is two months old and was patched in 2.0.0.6; this
particular vulnerability is in Mozilla Firefox proper in
Windows (and maybe on other computer/operating systems
where protocol handlers are implemented outside of Firefox).
--
#191, ewill3@xxxxxxxxxxxxx
Useless C/C++ Programming Idea #104392:
for(int i = 0; i < 1000000; i++) sleep(0);
--
Posted via a free Usenet account from http://www.teranews.com
|
|
