On 10 Sep 2004 at 22:06, d. collins wrote:

> David W. Fenton wrote:
> >2. you're already using your PC with a user-level logon (not
> >administrative).
> 
> Could you please explain this in more detail (in the case of Win2K)?

You are a computer user. But you do different kinds of tasks:

1. reading email, typing letters, creating Finale documents, simply 
manipulating data (and doing nothing to the system).

2. installing software, installing new hardware, etc., and otherwise 
altering the configuration of the system itself.

The first group of tasks are USER tasks, the second ADMINISTRATIVE 
tasks. USER tasks manipulate data. ADMINISTRATIVE tasks manipulate 
the configuration of the system itself.

To accomplish the first group of tasks you do not need the power to 
do the second group of tasks.

Every NT-based version of Windows has always shipped with certain 
predefined user groups, each with its own associated set of 
permissions and privileges. The two key groups are USERS and 
ADMINISTRATORS. When you initially set up an NT-based Windows 
computer, the first account you create is the default ADMINISTRATOR 
account. This is the ROOT account on your PC, the one that has 
special status as your PC's God, so to speak. That logon has 
permission to alter and change EVERYTHING on your PC, full permission 
and privileges on everything.

It is not wise to log on as ROOT on a regular basis, because you can 
accidentally do damage to your system, especially if you were to 
inadvertently execute a worm, virus or Trojan -- any program you 
launch as ROOT inherits all the permissions of the user logon it is 
running as.

Therefore, the only safe and prudent way to use your computer is to 
create a USER logon that you use on a regular basis that has only 
USER-level permissions. The result is that less damage can be done to 
your system if a rogue program is executed. It also means that 
whenever you need to install software or hardware (or change 
software/hardware configurations), you must log on as an 
ADMINISTRATIVE-level user. Some people seem to find this minor 
inconvenience intolerably irritating and use this minor extra step as 
justification for skipping the safe step of working normally as a 
user-level logon. I don't understand why people are so willing to 
give up the safety because of such a minor inconvenience. It reminds 
me of people who won't wear seat belts in automobiles.

A few random points:

1. some older software was not designed to be able to run properly 
with only user-level access. For instance, with the user-level 
permissions for writing to the system registry of Win2K and WinXP, 
Word 97's spell checker won't run (in NT 4, the permissions on the 
Office 97 registry keys were more permissive). This is easily fixed 
by giving the USERS group full control of the appropriate 
Office 97 registry key (it's one of the Proofing Tools keys). 
Irritatingly, there are lots of software installers that long 
post-date NT that still aren't designed on the assumption that the 
programs they install need to be able to be run with only user-level 
permissions (indeed, most installers should be able to install with 
only user-level permissions, since it's perfectly conceivable that 
software would be installed only for the currently logged-on user; 
many installers still can't do this). This causes some programs to 
break when run under a user-level logon. The only case where this is 
OK would be for installers created for NT 4 (i.e., before the release 
of Win2K, which tightened permissions/privileges significantly in 
comparison to NT 4), and that means installers created before about 
1999 (when Win2K was released). Any software that postdates the 
release of Win2K should have been designed by default to run 
perfectly OK with only user-level permissions.

2. Microsoft has configured the Windows setup process to encourage 
users to do two very unsafe things:

  a. run as an administrative-level user

  b. log on automatically.

This is so that the new NT-based versions of Windows seem to work 
just like the old versions of Windows, where you were always running 
as root and didn't have to log on to the system, and so that users 
never run into the "you don't have permission to do this" prompt. The 
problem with this is, of course, that you then lose all the benefits 
of having a built-in security system and access control lists (ACLs) 
that restrict access to objects in the system registry and in the 
file system. The other result of this is that the vast majority of 
home users haven't a clue why they are getting infected with 
everything under the sun -- it's actually because they are running in 
the most insecure configuration imaginable.

Basically, the current computer ecosystem demands that you be a good 
citizen and *not* run in a configuration that allows rogue software 
to infect your machine.

Now, it is certainly the case that even running as a restricted user 
you can infect yourself, but the potential damage is not as great as 
when you are running as an administrator. That degree of additional 
safety is worth the extremely minor inconvenience that comes from 
running as a restricted user.

-- 
David W. Fenton                        http://www.bway.net/~dfenton
David Fenton Associates                http://www.bway.net/~dfassoc


_______________________________________________
Finale mailing list
[EMAIL PROTECTED]
http://lists.shsu.edu/mailman/listinfo/finale
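An added example, not part of David Fenton's post or anything from the Finale list: a PowerShell script for a current Windows system (PowerShell itself postdates the 2004 thread) that checks the two unsafe defaults the post describes, an everyday session holding administrative rights and Winlogon automatic logon, and that applies the kind of narrow registry-ACL fix the post mentions for Office 97. The registry key path handed to Grant-UsersFullControlOnKey is a hypothetical placeholder; the post does not name the exact Proofing Tools key, so substitute whatever key a given program actually needs. The Winlogon path, the AutoAdminLogon and DefaultPassword values, and the .NET ACL types are real and unchanged.

```powershell
# Added example (not from the original post). Audit a Windows session for the
# two unsafe defaults discussed above and apply a narrow registry-ACL fix.
# Run the audit from the everyday (user-level) logon; run the fixes from an
# administrative session, e.g.  runas /user:Administrator powershell.exe

function Test-RunningAsAdmin {
    # True when the current token holds the Administrators role.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    return $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

$Winlogon = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'

function Test-AutoLogonEnabled {
    # Winlogon stores automatic logon as the string "1" in AutoAdminLogon,
    # often alongside a plaintext DefaultPassword left by the setup wizard.
    $props = Get-ItemProperty -Path $Winlogon -ErrorAction SilentlyContinue
    $enabled = ($null -ne $props) -and ($props.AutoAdminLogon -eq '1')
    $plain   = ($null -ne $props) -and ($null -ne $props.DefaultPassword)
    return [pscustomobject]@{ Enabled = $enabled; PlaintextPasswordStored = $plain }
}

function Disable-AutoLogon {
    # Requires an administrative session: clears the flag and removes any
    # stored plaintext password so the next boot shows a logon prompt.
    Set-ItemProperty -Path $Winlogon -Name AutoAdminLogon -Value '0'
    Remove-ItemProperty -Path $Winlogon -Name DefaultPassword -ErrorAction SilentlyContinue
}

function Grant-UsersFullControlOnKey {
    # Grants BUILTIN\Users Full Control on ONE key (and the subkeys beneath it)
    # so a program written for looser ACLs can run from a user-level logon.
    # Keep this as narrow as possible; never widen HKLM\SOFTWARE itself.
    param(
        # Hypothetical placeholder path; use the key the program really needs.
        [Parameter(Mandatory)][string]$KeyPath = 'HKLM:\SOFTWARE\ExampleVendor\ExampleApp'
    )
    $acl  = Get-Acl -Path $KeyPath
    $rule = New-Object System.Security.AccessControl.RegistryAccessRule(
        'BUILTIN\Users',
        [System.Security.AccessControl.RegistryRights]::FullControl,
        [System.Security.AccessControl.InheritanceFlags]::ContainerInherit,
        [System.Security.AccessControl.PropagationFlags]::None,
        [System.Security.AccessControl.AccessControlType]::Allow)
    $acl.SetAccessRule($rule)
    Set-Acl -Path $KeyPath -AclObject $acl
}

# --- audit (safe to run as a restricted user) ---
if (Test-RunningAsAdmin) {
    Write-Warning 'This session holds administrative rights; use it only for install/config tasks.'
} else {
    Write-Host 'Running as a restricted user.'
}
$auto = Test-AutoLogonEnabled
if ($auto.Enabled) {
    Write-Warning "Automatic logon is enabled (plaintext password stored: $($auto.PlaintextPasswordStored))."
}

# --- fixes (uncomment and run from an administrative session) ---
# Disable-AutoLogon
# Grant-UsersFullControlOnKey -KeyPath 'HKLM:\SOFTWARE\ExampleVendor\ExampleApp'   # hypothetical key
```

The ACL change is the practitioner's compromise the post describes: rather than promoting the everyday account to Administrators, loosen the one key a badly written program insists on writing to. Before doing so, run the program under a user-level logon with Sysinternals Process Monitor (or similar) filtered on ACCESS DENIED to confirm which key it is actually failing on.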