On Tue, Apr 3, 2012 at 11:56 AM, Christopher Browne <cbbro...@gmail.com> wrote:
> It's pretty typical for MacOS applications to require "enter your
> password; I need to su to root to install this!" in plenty of places
> where the UI does not actually tell you what is being done as root.
> After enough iterations of "enter your password so my process can do
> undisclosed admin stuff," I'm not sure that you've got anything more
> secure than you'd have if /usr/local was writable by the desktop user.

I think that's somewhat true.  Part of the reason why Windows is so
crufty is because of lousy privilege separation -- MacOS and even
Ubuntu are now busy copying that design, but realistically people do
need to install software, so short of educating users better or
creating a walled garden it's not clear how much better you can do.
However, Windows has another problem, too: there are so many ways that
you can hook into the system and get control that it's basically
impossible to remove spyware and crapware without its cooperation.  I
mean, you can get rid of some of it, but finding all the little fiddly
pieces that have to be ripped out is basically not doable.  You just
reinstall the machine.

Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:

Reply via email to