> All the features required of mature operating systems were > added as an afterthought and not designed in. Such things as > memory management and file access control
They've been designed into the Windows NT based OS from the start. > on a single user/single process/non-network OS. To maintain > backward compatibility with DOS and Windows 95, key OS data > structures have many assumptions about things like buffer > size that lead to buffer overflows. Witness the assumption > about machine names that led to Slammer. Which is an implementation issue, not a design issue. The whole Microsoft > OS effort has been to grow from a system designed for minimal > size machines such as the 640K PC to something that can be > used as a system for commerce. Features have been bolted on > as they are deemed sellable to make a profit. It wasn't until > NT that the file system even had the concept of access > control So since around 1993 then? and backward compatibility has meant that the default > ACL is give everyone full control. Which has now changed (and a good thing too) > Unix, by contrast, has always been designed as a > multi-user/multi-process system so things like file security > and separation of processes are inherent. That's a bit of a stretch. Unix has had security bolted on after the fact as well - it's just got about ten years head start on Windows. Your mail seemed to switch between issues relating to design and issues relating to implementation - from what I can gather the design of the NT OS is a good one (Things like ActiveX excluded), but the implementation has been full of holes. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
