As geeks, we're well aware of the importance of running as a normal user instead of as root (UNIX/Linux/BSD) or administrator (Windows). However, while this should be common knowledge to anyone reading OSNews, it's often hard to illustrate just how important it is - until now, that is. A report by BeyondTrust looked at how many security bulletins issued by Microsoft are mitigated by simply... Not running as administrator.
RE[2]: Not entirely...
by TemporalBeing on Wed 31st Mar 2010 21:54 UTC in reply to "RE: Not entirely..."

It is the problem though, if you give someone broad sudo privileges, all it takes is a sudo bug and you effectively have full control. If you do not run as the user with full privileges, it takes a lot more effort. With Linux it's a fairly moot point though, because the people interested in hacking it are only targeting environments that would never run that way.

Users must be part of the 'wheel' group AND be added to /etc/sudousers in order to have access to sudo. Additionally, to use sudo you have to enter your own password. It's not specifically allowed. Once you use it successfully it will let you continue issuing additional commands via more calls to sudo without a password but only for a given amount of time between calls.

'su' doesn't require any group - just that you know the password for that user, root or otherwise.

Exact same principle for Windows. First Windows user is in the "administrators" group, but they still need to go through a dialog for something to execute with admin rights.

Not quite.

On Linux/Unix there is typically only one administrator user - root. Rarely do you ever add another user to the 'root' group. Instead, you give people the privilege to switch user to the root user using su or sudo. See above.

On Windows you actually add users to the Administrators group. To properly do it the UNIX/Linux way you would not do that, but use the 'runas' command instead. It can be successfully done - I've done it before - but it is a major PITA as Windows is not designed to work that way.

Proper way to do it is not run daily stuff under an admin account, and run things as the admin account as needed.

Under UNIX/Linux, this is how all software is designed to run.

However, Microsoft has historically contributed to pushing for users to need Admin rights in order to use their daily software. Until Office 2002/2003, Office required Admin rights to run. Only recently (VS2005/2008/2010?, not sure which) did Visual Studios drop the requirement for developers to need admin rights in order to debug software.

It's not that administrators did not want to force people to not have admin rights to use their computer. It's that the software available for Windows - even software from Microsoft - required it!

The problem is that people are so irritated with having to hit "Ok" to run something as admin, they would be even MORE irritated if it required a username/password.

It's only a problem so long as software is designed to require admin rights to function.

Vista and Win7 are making a big show of it. You don't see so many issues now with it because either the vendors got smart and updated their software to not need it (which has happened), or (where that was not possible, or available yet to the user) people turned it off; and with Win7 the default level was toned down.

