[whatwg] whatwg Digest, Vol 82, Issue 10
rescator at emsai.net
Wed Jan 5 08:18:47 PST 2011
On 2011-01-05 01:07, Seth Brown wrote:
> I couldn't agree more that we should avoid turning this into vista's UAC.
The issue with UAC is not UAC.
UAC (especially the more dilligent one on Vista) merely exposed
programmers and software expecting raised priviledges while they
actually did not need them.
Linux has had "UAC" pretty much from day one so programmers and software
has played nice from day one.
And UAC is not really security as it does not protect the user, UAC is
intended to ensure that a user session won't fuck up anything else like
other accounts or admin sessions or the OS/kernel.
UAC protects the system from potentially rogue user accounts.
So it's a shame that UAC's introduction in Vista brought such a stigma
upon it as I actually like it.
Myself I have a fully separate normal user account (rather than the
split token one that most here probably uses) so I actually have to
enter the admin password each time,
but I do not find it annoying, and I actually develop under this normal
only system updates or admin stuff need approval, and the odd software
(but I try to avoid those instead).
Running software or installing software need to bring up any UAC at all,
if it does it is simply lazy coding by the developers,
and any webapp stuff should also follow the same example in this case.
UAC is meant to help isolate an incident and prevent other parts of a
system from being affected, or other users/accounts,
so a webapp should be secured under those same principles.
Considering all the issues with cross site exploits and so on it's
obvious that the net is in dire need of some of those core principles,
so please do not so easily dismiss UAC due to how it's perceived, but
rather judge it by what it actually is instead.
Roger "Rescator" Hågensen.
Freelancer - http://www.EmSai.net/
More information about the whatwg