Maybe we should do it the unix/linux way, there is a root user, called
administrator, he is allowed to do everything, but by default you
shouldn't be able to login as administrator (the way it is on ubuntu and
some other linux-distributions).
In addition to that, there could be another user, who is a more
privileged user, but you can only login as him in setup mode. This is an
option I would add to freeldr, it would boot ReactOS as usual, but
deactivate a lot of things like the network subsystem, most of the
services, all autostarted applications and maybe some other things, so
that the pc is more safe and is easier to repair, if something is broken
or there are security holes, which can only be closed, if nearly everything
is shut down. After the user logged on with the password of the more
privileged user, a window would popup and ask him, which of the shutdown
things he wants to start, maybe he needs a network connection, who
knows... but this concept is another topic.
Back to the ordinary user. He is limited, like an ordinary unix user. If
he wants to access something, he isn't allowed to do (like using the ms
installer, or packetmanager, or changing specified registry values like
autostart entries) a little window will popup and ask him for the system
maintenance password (the password of the more privileged user).
And here is the difference between the administrator and the more
privileged user: The administrator password can only be used in setup
mode, when the user logged on as the more privileged user, the password
of the more privileged user (who for example isn't allowed to format
partitions) is the only password an ordinary user can use to gain some
more privileges, he is only able to change very dangerous settings, if
he booted in ReactOS setup mode, knows the system maintenance password
and the administrator password.
With this method, it is nearly impossible to cause problems, the user
didn't want to cause, as he really has to know, what he is doing to
cause such things. No stupid virus will ever be able to cause really big
damage and the best thing, this is more or less user-friendly.
Maybe additionally we could create different system maintenance
passwords for every user or deny giving him the privilege of entering
system maintenance mode, but that's something we shouldn't discuss at
this moment.
Just my ideas on this topic...
Greets,
David Hinz
Dennis - Guardian wrote:
Jeff Smith wrote:
Sorry but I'm not familiar with chroot, so I didn't catch all of that
but why not have something where during the setup it'll ask you for
the "system password" those would be used for the Administrator
account first time logging in a window would appear, explaining the
pro's and con's of the admin account and asks the user if he/she wants
to create another account for his/her activities.
this approach will do 2 things 1. secure the computer because ReactOS
would automatically prompt the user about the security of the admin
account and 2. educate the user with a little bit about how the
computer works.
"Every thing should be made as simple as possible, but not simpler." -
Albert Einstein
_______________________________________________
Ros-dev mailing list
Ros-dev(a)reactos.org
http://www.reactos.org/mailman/listinfo/ros-dev

since I do software development and a little support for a living I
think I'm qualified to make this comment. As much as we'd like to
educate people in this manner (no matter what software we write) most
users will not read it and if they do, they will not understand it.
as much as choice is nice (and the open source way), it's probably
better to just have them use the secure way by default. make it easy to
find and change the behavior for those that want to, but keep it out of
the way of the average user. maybe something like an option in the
beginning of setup for 'let me choose everything' or 'just make it work'
and an easy switch between advanced mode/just work mode somewhere else
would be a good way to go?
Dennis