On Tue, Apr 3, 2012 at 11:56 AM, Christopher Browne <cbbro...@gmail.com> wrote: > It's pretty typical for MacOS applications to require "enter your > password; I need to su to root to install this!" in plenty of places > where the UI does not actually tell you what is being done as root. > After enough iterations of "enter your password so my process can do > undisclosed admin stuff," I'm not sure that you've got anything more > secure than you'd have if /usr/local was writable by the desktop user.
I think that's somewhat true. Part of the reason why Windows is so crufty is because of lousy privilege separation -- MacOS and even Ubuntu are now busy copying that design, but realistically people do need to install software, so short of educating users better or creating a walled garden it's not clear how much better you can do. However, Windows has another problem, too: there are so many ways that you can hook into the system and get control that it's basically impossible to remove spyware and crapware without its cooperation. I mean, you can get rid of some of it, but finding all the little fiddly pieces that have to be ripped out is basically not doable. You just reinstall the machine. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company -- Sent via pgsql-hackers mailing list (email@example.com) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers