On Mon, Sep 28, 2009 at 4:05 PM, <[email protected]> wrote:
> Most Windows security issues today have little to do with Windows "security
> model"
This I mostly agree with. I think there are advantages in the *nix world, but none of those areas are currently being widely exploited by attackers. The widespread attacks are all about tricking lusers into willingly installing malware, and the exploit-of-the-week in commonly exposed software.

One thing I find intriguing is the idea of "integrity levels" (introduced with Vista). They're essentially a concept of how much trust one puts in a process, within a single user account. So, for example, a user's web browser process can have fewer privileges than their word processor. I don't think it's much help against the current attacks (lusers just willingly elevate the stuff anyway), and it's not much taken advantage of in current code, but I think the potential is there. *nix doesn't really have a concept like that yet. I think you might be able to do it with MACLs and SELinux, but I don't think anyone is, "out of the box".

> Most vulnerabilities today are actually in applications, not the OS.

One problem with that statement is Microsoft keeps blurring the line between "application" and "OS". One example being that I still need to reboot my "OS" when Microsoft's web browser "application" gets an update. :-p

Another example is file and print services. They're still part of the system core, even with Win 2008. In the world of *nix, I can update Samba for a security fix, and all I need to do is restart my Samba services. On Windows, an update to SRV.SYS still means a reboot. Further, penetration of Samba does not automatically mean a system compromise. It's not a kernel process. (Although a Samba exploit often does mean system compromise, because Samba still runs the common service processes as "root", partly because of need, but also because nobody wants to take on the task of reorganizing the code to facilitate privilege separation. Microsoft appears to have the same issue. Except Microsoft is charging me big bucks to have them not do it.)
--
Ben
