Can you list something in Windows (NT and up) that had security only in the UI layer and not in the core ? Because this concept is great, but not unique to Linux.Originally Posted by cyberfish
Can you list something in Windows (NT and up) that had security only in the UI layer and not in the core ? Because this concept is great, but not unique to Linux.
hth
-nv
She was so Blonde, she spent 20 minutes looking at the orange juice can because it said "Concentrate."
When in doubt, read the FAQ.
Then ask a smart question.
No I can't. There are too many things I can do in UI that I can't do directly (command line), but that is probably just due to my lack of knowledge. As you can see, I am not familiar with Windows at all. My feeling with Vista, though, is that it's patchy. Even if everything that can be done in the UI can be done in core, I have a feeling that the OS is centered a lot more on the UI. The hierarchy is not as strict. Either that or there is some extremely good integration going on here. For example, can you configure the firewall without the UI? how about changing file permissions (I have a feeling this can be done)? or UAC?
But of course, I have not analyzed Windows to any great extent, so feel free to correct me.
It is unlikely you can do that via command line simply because Windows is built around simplicity and casual users who are scared of command lines or don't know how to use them.
It's possible to add some file permissions such as read-only via command line, though.
Windows is a GUI-oriented OS. When there's something to configure, a GUI is written for it. You can maybe modify the registry or some hidden config files to do the configuration manually, but you won't find a CLI for the settings, because it's unnecessary extra effort to provide one. (Unless, that is, it's something people will want to control from a batch file.)
I don't see how that is relevant to the security issue, though.
Interestingly enough, the equivalent of UAC would not be possible in Linux. The OS is not set up to bring things at this level to the attention of the user. Its layers are too strictly separated, and any cross-layer communication that exists would be potentially compromised in the situations UAC is made for.
But then, UAC is an absurd concept anyway, from a design standpoint.
All the buzzt!
CornedBee
"There is not now, nor has there ever been, nor will there ever be, any programming language in which it is the least bit difficult to write bad code."
- Flon's Law
UAC is an Unbelievably Annoying Concept.
And Windows Update is like that guy on your team that submits his changes without telling anyone and ends up breaking the whole branch.
Of course CLI and GUI are both UIs, so I guess my explanation was not good. What I was trying to say is the strict layers, where the kernel would expose its functions through a simple interface (POSIX functions), and GUI security interfaces will only interact with the kernel using that interface. It shouldn't do things like directly access the filesystem to change file permissions for example. That would be crossing layers. With such a strict layering system, as mentioned above, some cool things won't be possible to do. However, in return, one gets hardened security. No matter how badly designed the interfaces are, as long as the OS interface is bug-free, security cannot be compromised. The UI basically just issue commands for the user. If the user running the UI doesn't have the right to do something, nor will the UI. It's certainly easier to keep the kernel and the simple interface bug free, than trying to keep the whole thing, including the UIs, bug-free.
But of course, I have no idea how Windows does it, as people who have seen the source are not likely to share their findings
Nothing is 100% secure. If it's written in code it can be thwarted with code. And your bug-free statement is a huge if and a bit unrealistic.No matter how badly designed the interfaces are, as long as the OS interface is bug-free, security cannot be compromised.
Sorry I have to disagree.
The trick lies in "as long as the OS interface is bug-free".
It's like saying, if Windows is bug-free, no program can crash it.
Sure, it is unrealistic. Nothing can be bug free. I was just saying that it is a lot easier to keep the core and POSIX interface bug free, than the whole system including the UI. As a result, Linux is more secure.
Actually nothing you are saying is easy nor sensible. 100% bug free in a 5 million lines of code just doesn't happen. MSVC 2005 was reportedly released with over 20,000 bugs according to some dev blogs and that is just a compiler. Whether or not that is 100% accurate is up for debate but saying that bug-free apps ensure security is a bit of a stretch. Some bugs have nothing to do with security and some security flaws are not bugs but design flaws. And guess what...as long as a human designs the system there will always be flaws. But some of them are not flaws as much as tradeoffs. Using one approach may warrant some tradeoffs but be eaiser and less time consuming than another approach. In the end bug fixing is far from just making an application secure. So your statements about bugs somehow magically introducing a huge level of security are lacking a bit.Sure, it is unrealistic. Nothing can be bug free. I was just saying that it is a lot easier to keep the core and POSIX interface bug free, than the whole system including the UI. As a result, Linux is more secure.
What I meant is, it's certainly easier to maintain 5000 lines of code vs 5 million lines of code. As a result, the 5000 lines of code will be more bug-free, given the same amount of man-hour/effort put into the code.
But what code is only 5000 lines? Certainly no kernel I've heard of.
It's an exaggeration...
The Linux kernel is orders of magnitude smaller than the whole Windows codebase.
Somehow I doubt that.
Don't think that the Linux kernel is anything less complex than the Windows kernel.
If you count the drivers which are embedded in the kernel, the Linux kernel easily surpasses the Windows kernel.
The Minix kernel is less than 5000 lines.
Of course, that's a micro kernel, and there's a lot of room in the user space support programs (drivers) for bugs, but they can only compromise part of the system, since they're user space programs. That's the whole point of micro kernel architectures, of course.
All the buzzt!
"There is not now, nor has there ever been, nor will there ever be, any programming language in which it is the least bit difficult to write bad code."
- Flon's Law
It's not, but I meant the WHOLE Windows codebase. The security layers are not as strict in Windows, and UIs are allowed to do low level stuff. That makes bugs in the UIs potential security holes, too. In Linux, one needs to exploit the core of the OS, as UIs are more or less just wrappers, and only do low level stuff through the simple interface the OS exposes. That is to say, if one cannot break the system on the command line, one cannot break it through UI programs.Somehow I doubt that.
Don't think that the Linux kernel is anything less complex than the Windows kernel.
If you count the drivers which are embedded in the kernel, the Linux kernel easily surpasses the Windows kernel.
