> My argument is that preventing a user from running > applications is a more > secure approach than letting users run applications, but > checking those > applications' safety at runtime against an existing list of known bad > applications. Therefore, if I were to choose a single > mechanism for securing > desktops, it would be the former rather than the latter. To > the extent that > Vista makes this easier, I'm all for it, but the concept of > least privileges > is not a new thing, you know. Windows historically has had a > very strong > security model; unfortunately, very few people actually use it!
I agree, that approach is a lot more secure. That's why Unix and it's variants has done it that way for decades. ;) > I suspect that the vast majority of Windows users right here > on this list > fall into this category. If you're running as an > Administrator, and you have > antivirus software installed, that's you. When it comes to Windows, I am in that boat, but that's because people have told me that a lot of software just won't run if you're not an admin. And unlike Linux, there's no 'sudo' that works all the time in Windows. I've tried the 'runas' thingy you can get off resource kit CDs, but it didn't work for some things. However, word is that Windows Vista fixes all this, so when I get into that OS, I'll definitely run as a restricted user. I do that in Linux, and I also do it with Databases I administer. "EMF <idahopower.com>" made the following annotations. ------------------------------------------------------------------------------ This transmission may contain information that is privileged, confidential and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. Thank you. ============================================================================== ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:262257 Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4
