lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.58.0406220224130.15343@suse.bluegenesis.com>
From: todd at hostopia.com (Todd Burroughs)
Subject: M$ - so what should they do? 

On Mon, 21 Jun 2004 Valdis.Kletnieks@...edu wrote:

> > No way!  Am I the only person who still uses "copy con filename.txt" to
> > create scripts and such at the command line?  Please tell me I'm not?
>
> I think the intent is that "con as a special filename in every directory" has
> to go away - you'd still be able to use
>
> copy c:\something\con filename.txt
>
> (Remember, us Unix people have had to use /dev/tty and /dev/null and /dev/zero
> for 3 decades, and never minded that 'tty', 'null', and 'zero' didn't exist in
> every single directory)....

Does this really matter?  On UNIX I can can use /dev/whatever in any
directory and I have to have that access to make UNIX work.  Not having
/dev/null available in every directory breaks things, I rely on it
being there...  The OS controls my access, I assume Windows does the
same thing.

Maybe having "magic" names that don't start with '/dev' (i.e., some known
prefix) is a mistake, but I think that's a minor issue.

Personally, I think the design of the registry and having apps like a GUI
and web browser intricately tied into the OS is a very bad design and is
at the core of the problem.  Another is that MS is a marketing company,
so they do things to gain and keep market share.  That's been discussed
to no end ;-)

Microsoft would come a long way, very easily, in security if they made it
so that you usually run things as a user, not "root" or "Administrator".
Lindows has this wrong and if it gets popular, it will have similar
problems.  Unfortunately for MS, if they make things harder, Linux starts
to look easier...

Todd


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ