Linked by Eugenia Loli on Fri 11th Nov 2005 00:53 UTC, submitted by Mr. Tan
Windows Sources at the company told Paul Thurrott this week that Microsoft will soon delay the release of Windows Vista Beta 2 from December 7, 2005 to sometime in January or February 2006. However, because the Vista development schedule is extremely time constrained, the company will try and make up lost time by eliminating one of the planned release candidate (RC) milestones that were planned for later in the process.
Thread beginning with comment 59253
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[3]: Broken design? Got proof?
by miro on Fri 11th Nov 2005 14:03 UTC in reply to "RE[2]: Broken design? Got proof?"
miro
Member since:
2005-07-13

Well it all depends on how your mounts points are setup. It is nice that you can select a user who will own files on a FAT partition. I really see this only as a minor problem, there are problems on the other side too: if you had a usb stick with ext3 fs
on which a setuid application had all correct bits set a bad mount point (missing noexec) could really screw things up! So in the end be carefull not to launch anything from a medium you can't trust, no matter what OS you are using.

Reply Parent Score: 1

hal2k1 Member since:
2005-11-11

{I really see this only as a minor problem, ... So in the end be carefull not to launch anything from a medium you can't trust, no matter what OS you are using.}

This is not just a "minor problem" - it is a fundamental flaw. Windows OS (even NT and above) will happily execute a file without requiring it to be identiified as belonging to the system or to any particular owner, and without any concern if any administrator or user on the local system has granted that file permission to execute. Windows will happily trust a file from who knows where it came and go right ahead and execute it no questions asked.

That is fundamentally borked. The file could easily be a malicious trojan or virus planted on the system by an external hacker. Windows doesn't care.

The Windows OS is not a true multi-user OS design. It has fundamental shortcomings in this area.

{there are problems on the other side too: if you had a usb stick with ext3 fs on which a setuid application had all correct bits set a bad mount point (missing noexec) could really screw things up! }

Say what? ext3 fs fully supports ownership and permissions.

Reply Parent Score: 0