Maybe we should do it the Unix/Linux way: there is a root user, called administrator, who is allowed to do everything, but by default you shouldn't be able to log in as administrator (the way it is on Ubuntu and some other Linux distributions). In addition to that, there could be another user, who is a more privileged user, but you can only log in as him in setup mode. This is an option I would add to freeldr; it would boot ReactOS as usual, but deactivate a lot of things like the network subsystem, most of the services, all autostarted applications and maybe some other things, so that the PC is safer and easier to repair if something is broken or there are security holes which can only be closed if nearly everything is shut down. After the user has logged on with the password of the more privileged user, a window would pop up and ask him which of the shut-down things he wants to start; maybe he needs a network connection, who knows... but this concept is another topic.
Back to the ordinary user. He is limited, like an ordinary Unix user. If he wants to access something he isn't allowed to do (like using the MS installer, or package manager, or changing specified registry values like autostart entries), a little window will pop up and ask him for the system maintenance password (the password of the more privileged user).
And here is the difference between the administrator and the more privileged user: the administrator password can only be used in setup mode, when the user is logged on as the more privileged user. The password of the more privileged user (who for example isn't allowed to format partitions) is the only password an ordinary user can use to gain some more privileges; he is only able to change very dangerous settings if he booted in ReactOS setup mode and knows the system maintenance password and the administrator password.
With this method, it is nearly impossible to cause problems the user didn't want to cause, as he really has to know what he is doing to cause such things. No stupid virus will ever be able to cause really big damage, and the best thing: this is more or less user-friendly. Maybe additionally we could create different system maintenance passwords for every user or deny giving him the privilege of entering system maintenance mode, but that's something we shouldn't discuss at this moment.
Just my ideas on this topic...
Greets,
David Hinz
Dennis - Guardian wrote:
Jeff Smith wrote:
Sorry, but I'm not familiar with chroot, so I didn't catch all of that, but why not have something where during the setup it'll ask you for the "system password"? Those would be used for the Administrator account. The first time logging in, a window would appear, explaining the pros and cons of the admin account, and ask the user if he/she wants to create another account for his/her activities.
This approach will do 2 things: 1. secure the computer, because ReactOS would automatically prompt the user about the security of the admin account, and 2. educate the user a little bit about how the computer works.
"Every thing should be made as simple as possible, but not simpler." - Albert Einstein
Ros-dev mailing list Ros-dev@reactos.org http://www.reactos.org/mailman/listinfo/ros-dev
Since I do software development and a little support for a living, I think I'm qualified to make this comment. As much as we'd like to educate people in this manner (no matter what software we write), most users will not read it, and if they do, they will not understand it. As much as choice is nice (and the open source way), it's probably better to just have them use the secure way by default. Make it easy to find and change the behavior for those that want to, but keep it out of the way of the average user. Maybe something like an option in the beginning of setup for 'let me choose everything' or 'just make it work' and an easy switch between advanced mode/just work mode somewhere else would be a good way to go?
Dennis
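The escalation rules David Hinz proposes at the top of this thread, written out as a small Python model (an added example, not code from the thread or from ReactOS). The names `Mode`, `Risk` and `Policy`, the three risk classes and the PBKDF2 password storage are assumptions made for illustration.

```python
import hashlib
import hmac
import os
from enum import Enum


class Mode(Enum):
    NORMAL = "normal"   # ordinary boot
    SETUP = "setup"     # the proposed freeldr option with most subsystems off


class Risk(Enum):
    ORDINARY = 0        # everyday actions of the limited user
    MAINTENANCE = 1     # installer, package manager, autostart registry values
    DANGEROUS = 2       # very dangerous settings, e.g. formatting partitions


def _derive(password: str, salt: bytes) -> bytes:
    # Store a slow salted hash, never the password itself.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class Policy:
    def __init__(self, maintenance_pw: str, admin_pw: str):
        self._m_salt, self._a_salt = os.urandom(16), os.urandom(16)
        self._maint = _derive(maintenance_pw, self._m_salt)
        self._admin = _derive(admin_pw, self._a_salt)

    @staticmethod
    def _matches(stored: bytes, salt: bytes, supplied) -> bool:
        if supplied is None:
            return False
        # Constant-time comparison of the derived hashes.
        return hmac.compare_digest(stored, _derive(supplied, salt))

    def authorize(self, risk, mode, maintenance_pw=None, admin_pw=None) -> bool:
        if risk is Risk.ORDINARY:
            return True
        # Every elevation starts with the system maintenance password.
        if not self._matches(self._maint, self._m_salt, maintenance_pw):
            return False
        if risk is Risk.MAINTENANCE:
            return True
        # Dangerous changes: setup mode AND the administrator password.
        # The administrator password is never accepted in a normal boot.
        return mode is Mode.SETUP and self._matches(
            self._admin, self._a_salt, admin_pw)
```
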