IWETHEY v. 0.3.0 | TODO
Welcome to IWETHEY!

Windows has no user context?
I am not sure what you mean by "user context", but surely Windows has a more developed system of user rights management than any default installation of Linux.
--

"It's possible to build a reasonably prosperous society that invests in its people, doesn't invade its neighbors, opposes Israel and stands up to America. (Just look at France.)"

-- James Lileks
process-level user context
A login is not a user. In principle, the Windows idea of a "user" hasn't changed since LAN Manager.
-drl
I am still at a loss as to what you mean
--

"It's possible to build a reasonably prosperous society that invests in its people, doesn't invade its neighbors, opposes Israel and stands up to America. (Just look at France.)"

-- James Lileks
A login is a profile
on a Windows machine, which can have custom settings, policies, and other things. It has to log into a server part to become a user, except for peer to peer networking where it is treated as a virtual user. Each profile has a password assigned to it; no password is just a blank password on Windows 9X/ME, and on those machines one can simply hit "Cancel" to log in on the default profile on the login box. The server password may be different from the profile password. There are ways around policies in 9X/ME, like removing the group policies program, or tweaking the registry to no longer load it. This makes Windows security a joke.



"Lady I only speak two languages, English and Bad English!" - Corbin Dallas "The Fifth Element"

Re: I am still at a loss as to what you mean
The user features of Windows systems are pasted onto the kernel. The UNIX kernel itself understands how to assign privileges to processes based on user context. Try googling "Windows process accounting" - you won't find many hits.

I guess the best way to say it - all Windows processes are on the same level inside the "Windows NT Executive", with no concept of ownership, while UNIX processes are always in a parent-child relationship. UNIX uses user and group IDs to maintain process access and hierarchy, while Windows uses "access tokens" and there is no process hierarchy. When a process in Windows creates another process, it donates its access token to the new process. Every process has to maintain its own table of associated processes.
-drl
You're much mistaken
WRT Windows NT and XP.

Every object in the kernel has ownership and access privileges. You can restrict access to things like mutexes, processes, threads, files, file handles, directories, pipes - anything at all. The user management and privileges are completely customizable; you can create your own secured objects with their own privileges, although the APIs are obscure, obtuse and rarely used.

I certainly do agree with you about Win 95 family - there, security is limited to a network share and completely useless.
--

"It's possible to build a reasonably prosperous society that invests in its people, doesn't invade its neighbors, opposes Israel and stands up to America. (Just look at France.)"

-- James Lileks
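The owner-plus-DACL model the post above describes, shown on a file because Get-Acl and Set-Acl expose it directly (the same structure sits behind processes, mutexes, pipes and registry keys). This is an added example, not code from the thread; it assumes Windows PowerShell 5.1 or later and uses a throwaway file under %TEMP%. It first adds the weak "Everyone: FullControl" ACE, then replaces the DACL with one that admits only the owner and SYSTEM.

```powershell
# Added example, not from the thread: NT's owner + DACL model on a securable
# object. Assumes Windows PowerShell 5.1+; the file path is a throwaway in %TEMP%.
$path = Join-Path $env:TEMP 'iwethey-acl-demo.txt'
Set-Content -Path $path -Value 'secret'

function Show-Dacl([string]$Target) {
    $acl = Get-Acl -Path $Target
    "Owner: $($acl.Owner)"
    $acl.Access | Format-Table IdentityReference, FileSystemRights, AccessControlType, IsInherited -AutoSize
}

'--- as created (inherits the %TEMP% DACL) ---'
Show-Dacl $path

# Weak setting: an explicit ACE granting Everyone (S-1-1-0) full control.
# This is what a "world-writable" file looks like in NT terms.
$everyone = [System.Security.Principal.SecurityIdentifier]::new('S-1-1-0')
$acl = Get-Acl -Path $path
$acl.AddAccessRule([System.Security.AccessControl.FileSystemAccessRule]::new($everyone, 'FullControl', 'Allow'))
Set-Acl -Path $path -AclObject $acl
'--- weak: Everyone FullControl ---'
Show-Dacl $path

# Corrected setting: stop inheriting, drop every remaining ACE, then allow only
# the current user and SYSTEM (S-1-5-18). Any other token now fails the
# kernel's access check no matter which API it uses to open the file.
$acl = Get-Acl -Path $path
$acl.SetAccessRuleProtection($true, $false)   # protected DACL, inherited ACEs discarded on save
Set-Acl -Path $path -AclObject $acl
$acl = Get-Acl -Path $path
foreach ($rule in @($acl.Access)) { $null = $acl.RemoveAccessRule($rule) }
$me     = [System.Security.Principal.WindowsIdentity]::GetCurrent().User
$system = [System.Security.Principal.SecurityIdentifier]::new('S-1-5-18')
$acl.AddAccessRule([System.Security.AccessControl.FileSystemAccessRule]::new($me, 'FullControl', 'Allow'))
$acl.AddAccessRule([System.Security.AccessControl.FileSystemAccessRule]::new($system, 'FullControl', 'Allow'))
Set-Acl -Path $path -AclObject $acl
'--- corrected: owner and SYSTEM only ---'
Show-Dacl $path
```

The protection step is saved and the ACL re-read before the explicit ACEs are removed, because inherited entries cannot be removed from an in-memory descriptor; they only disappear once the protected DACL has been written.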
Can you be logged in as two people at once?
With the two people having different access levels?

Without paying for an additional product like Windows Terminal Server that is.

This capability is central to how *nix works. You always have processes around who are logged in as different users with different privileges. You can even have many GUIs running.

Cheers,
Ben
"good ideas and bad code build communities, the other three combinations do not"
- [link|http://archives.real-time.com/pipermail/cocoon-devel/2000-October/003023.html|Stefano Mazzocchi]
Not log in, no.
But you can have multiple processes running under different user permissions at the same time.
Regards,

-scott anderson

"Welcome to Rivendell, Mr. Anderson..."
I'll tuck that away in case I ever need it
"good ideas and bad code build communities, the other three combinations do not"
- [link|http://archives.real-time.com/pipermail/cocoon-devel/2000-October/003023.html|Stefano Mazzocchi]
Yes you can and it is a weak security system
that allows it. If you can run CMD.EXE in the NT/2K/XP/2003 schedule program, it will be run as Admin access. Any program you open from that CLI will get run with Admin access, including NET.EXE, horror of horrors!

Users can bypass the program install block by installing certain software to their Documents directory, which has write access. A real secure system wouldn't even let them run the install program. Some programs check for Admin rights before installing, but some, like OOo, do not. It is up to the install program to check for access rights before installing.

If the user has access to the Notepad or Wordpad, they can give themselves access to almost anything. Usually by "Viewing Source" in IE, they get a Notepad program, even if their policies and rights disable it. All they do is clear out the HTML source and write in a batch file and save it somewhere writable, like their start menu or documents folder. Then click on it. Create a command to add CMD.EXE to the scheduler, and they can get Admin access or whatever the system runs those programs as.

Also IIS and other programs run as certain users and have a certain level of access that the logged in user may not have. So an ASP web page can be used to write to a file or database, when the user cannot, via IIS.



"Lady I only speak two languages, English and Bad English!" - Corbin Dallas "The Fifth Element"

Re: Yes you can and it is a weak security system
If you can run CMD.EXE in the NT/2K/XP/2003 schedule program, it will be run as Admin access.
Wrong. The CMD.EXE process will be run as the user that started it, and security will work accordingly.


Peter
[link|http://www.debian.org|Shill For Hire]
[link|http://www.kuro5hin.org|There is no K5 Cabal]
[link|http://guildenstern.dyndns.org|Blog]
Certainly
Telnet Server is available

Terminal Server comes bundled with XP

Every service runs on an account different from the currently logged on user: either a special "system" account, or whatever the administrator chose.

Any process can start a subprocess as different user. API has full support for it, even though shell has none.

In any case, "paying for additional products" reflects price structure and marketing, not technology.
--

"It's possible to build a reasonably prosperous society that invests in its people, doesn't invade its neighbors, opposes Israel and stands up to America. (Just look at France.)"

-- James Lileks
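The "any process can start a subprocess as a different user" point above, as an added example that is not part of the thread: it starts a child under a second account from an ordinary session and then asks the kernel which token the child carries. It assumes Windows PowerShell 5.1 or later, a local account whose name you supply ('demo-user' is a placeholder), and an elevated prompt so the owner lookup may open another user's process. The second account needs the "Log on locally" right, because Start-Process -Credential goes through CreateProcessWithLogonW.

```powershell
# Added example, not from the thread. Assumes Windows PowerShell 5.1+, run
# elevated; 'demo-user' is a placeholder for an existing local account.
$cred = Get-Credential -UserName 'demo-user' -Message 'Account to run the child as'

# Spawn the child under the other account. The working directory must be
# readable by that account, which %SystemRoot% always is.
$child = Start-Process -FilePath 'cmd.exe' -ArgumentList '/k', 'whoami /all' `
    -Credential $cred -WorkingDirectory $env:SystemRoot -PassThru

function Get-ProcessOwner([int]$ProcessId) {
    # Win32_Process.GetOwner reads the primary token of the process: this is
    # the per-process user context, independent of who sits at the console.
    $p = Get-CimInstance -ClassName Win32_Process -Filter "ProcessId = $ProcessId"
    if (-not $p) { return $null }
    $o = Invoke-CimMethod -InputObject $p -MethodName GetOwner
    if ($o.ReturnValue -ne 0) { return $null }
    "$($o.Domain)\$($o.User)"
}

# Two processes alive at once, two different users, one console logon.
[pscustomobject]@{ Process = 'this shell';   Pid = $PID;       RunsAs = Get-ProcessOwner -ProcessId $PID }
[pscustomobject]@{ Process = 'child cmd.exe'; Pid = $child.Id; RunsAs = Get-ProcessOwner -ProcessId $child.Id }
```

Nothing here writes the second password anywhere; Get-Credential keeps it in a SecureString and CreateProcessWithLogonW consumes it directly.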
Re: Certainly
Exactly - Terminal server is an add-on to the base operating system, because the latter is not really a multi-user OS. Only one user in base NT has a "desktop" context. In order to have many desktops you have to change the OS in such a way that large parts of it are replicated for every user. And this is just the login context.
-drl
You keep hearing yourself, not me
NT can have arbitrary number of desktops, only one of them normally visible on a given console. All services run on an invisible desktop (I am not aware of any way to make that one visible). Terminal server gives you the ability to make invisible desktops visible. Another way to get an alternative desktop, I believe (I may be wrong here) is to hit ctrl-alt-del. The visual you see is actually a different desktop.

Also, you don't have to have a desktop to run a process, hence telnet server.
--

"It's possible to build a reasonably prosperous society that invests in its people, doesn't invade its neighbors, opposes Israel and stands up to America. (Just look at France.)"

-- James Lileks
Re: You're much mistaken
As I said, this is done with the glommed-on idea of access tokens - it's not a hierarchy of processes as in UNIX. I don't consider the former to be multi-user, and neither do OS theorists.
-drl
What does hierarchy of processes have to do with it?
And, btw, you can emulate hierarchy with process groups. Not nice, but possible.

--

"It's possible to build a reasonably prosperous society that invests in its people, doesn't invade its neighbors, opposes Israel and stands up to America. (Just look at France.)"

-- James Lileks
Re: What does hierarchy of processes have to do with it?
Because it guarantees that a process will have a determinate user context. As you know, there are floating "NT_AUTHORITY" and "SYSTEM" contexts in NT that are only there so legacy code can run. Plus, there is no simple way to isolate everything executing in a given context in NT - you have to slog through all the processes and get their access tokens. NT was deliberately not built with a determinate user context so that legacy code would run.

Eric Raymond wrote a FAQ about UNIX programming, I think he talks about it in there. He points out that because of all the compromises related to legacy code, NT becomes practically impossible to make secure. The boundaries are "too porous" as he put it. In a real multi-user system, the user context is always known and determinate.

To give a practical example, suppose I want to immediately remove a user from a UNIX system. I remove his login, find his top-level processes and terminate them, and he's gone. In NT, you make a change to the user database, this has to propagate everywhere, his processes still run until they quit. Because there is no determinate user context, he fades away.
-drl
I am not sure what NT_AUTHORITY is
But System is a very definite context. It has all rights of the Administrator account on a local machine and no rights on the network. It has no user name/password associated with it, so users cannot log in on it.

Legacy is indeed a major problem for Windows, but it's mostly in GUI and SMB code. Avoid both, and you should be OK.

On a single NT or Unix machine, you remove the user the same way: disable login and terminate processes. It's immaterial whether you have to kill all processes or "top-level" processes: in practice, in Unix and NT you keep killing till there is nothing to kill. And yes, NT knows who started the processes.

On multi-machine installations, such as NIS or NT Domain, you disable the user in the central database and it may or may not have to propagate. Apples to apples, please.
--

"It's possible to build a reasonably prosperous society that invests in its people, doesn't invade its neighbors, opposes Israel and stands up to America. (Just look at France.)"

-- James Lileks
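The "disable login and terminate processes" procedure from the two posts above, written out as an added example (not code from the thread) for a single NT-family machine. It assumes Windows PowerShell 5.1 or later run as an administrator, a local account ('demo-user' is a placeholder) and a standalone or member machine; for a domain account the Disable-LocalUser step would be Disable-ADAccount on the domain controller, and the rest is unchanged. The process search keys on the SID in each process token, which is how NT records who a process runs as.

```powershell
# Added example, not from the thread: evict a local user now. Assumes Windows
# PowerShell 5.1+, run as administrator; 'demo-user' is a placeholder.
#Requires -RunAsAdministrator
param([string]$UserName = 'demo-user')

# Work from the SID: it is what the process token actually carries.
$sid = ([System.Security.Principal.NTAccount]::new($UserName)).Translate(
    [System.Security.Principal.SecurityIdentifier]).Value

function Get-ProcessesOfSid([string]$Sid) {
    # GetOwnerSid reads the primary token of each process, so this also finds
    # services and scheduled tasks configured to run as the user, not only the
    # desktop session.
    Get-CimInstance -ClassName Win32_Process | ForEach-Object {
        $o = Invoke-CimMethod -InputObject $_ -MethodName GetOwnerSid
        if ($o.ReturnValue -eq 0 -and $o.Sid -eq $Sid) { $_ }
    }
}

# 1. No new logons.
Disable-LocalUser -Name $UserName

# 2. Log off interactive/RDP sessions cleanly. Session 0 hosts services; never logoff that one.
$procs = @(Get-ProcessesOfSid -Sid $sid)
$procs | Where-Object { $_.SessionId -ne 0 } |
    Select-Object -ExpandProperty SessionId -Unique |
    ForEach-Object { logoff $_ }
Start-Sleep -Seconds 5

# 3. Whatever survived (services, tasks, stubborn apps): TerminateProcess, no negotiation.
$left = @(Get-ProcessesOfSid -Sid $sid)
$left | Select-Object ProcessId, SessionId, Name, CommandLine | Format-Table -AutoSize
$left | ForEach-Object { Stop-Process -Id $_.ProcessId -Force -ErrorAction SilentlyContinue }

# 4. Verify: should print nothing.
Get-ProcessesOfSid -Sid $sid | Select-Object ProcessId, Name
```

Save it as a script and run it with the account name as the argument; the logoff step is done before the kill loop so that ordinary desktop sessions close through the normal path and only what remains is terminated outright.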
Except:
But System is a very definite context. It has all rights of the Administrator account on a local machine and no rights on the network. It has no user name/password associated with it, so users cannot log in on it.


That's not the same thing as saying users can't execute code under its authority. Just run a service as System.
I was one of the original authors of VB, and *I* wouldn't use VB for a text
processing program. :-)
Michael Geary, on comp.lang.python
Right you are
--

"It's possible to build a reasonably prosperous society that invests in its people, doesn't invade its neighbors, opposes Israel and stands up to America. (Just look at France.)"

-- James Lileks
Bottom line
If you can start a service, you can start it as System.


Peter
[link|http://www.debian.org|Shill For Hire]
[link|http://www.kuro5hin.org|There is no K5 Cabal]
[link|http://guildenstern.dyndns.org|Blog]
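The check that follows from the bottom line above: who on this machine is allowed to create, reconfigure or re-ACL services, and therefore to put code under the service account (LocalSystem for most of them). This is an added example, not code from the thread. It assumes Windows PowerShell 5.1 or later and reads each service's security descriptor with sc.exe sdshow, which needs only READ_CONTROL, so it runs as a standard user. The list of low-privilege SIDs it flags is the author's choice and can be extended.

```powershell
# Added example, not from the thread: service and SCM permission audit.
# Assumes Windows PowerShell 5.1+; works as a standard user.
$lowPriv = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'Users'
    'S-1-5-4'      = 'Interactive'
}
# Access-mask bits from winsvc.h / winnt.h.
$SERVICE_CHANGE_CONFIG = 0x0002      # on 'scmanager' the same bit is SC_MANAGER_CREATE_SERVICE
$SERVICE_START         = 0x0010
$WRITE_DAC             = 0x00040000
$WRITE_OWNER           = 0x00080000
$takeover = $SERVICE_CHANGE_CONFIG -bor $WRITE_DAC -bor $WRITE_OWNER

function Get-ServiceSddl([string]$Name) {
    # sc.exe prints a blank line followed by the SDDL string starting with "D:".
    $line = sc.exe sdshow "$Name" 2>$null | Where-Object { $_ -match '^\s*D:' }
    if ($line) { return $line.Trim() }
}

function Find-WeakServiceAces {
    param([string[]]$Names)
    foreach ($name in $Names) {
        $sddl = Get-ServiceSddl $name
        if (-not $sddl) { continue }
        $sd = [System.Security.AccessControl.RawSecurityDescriptor]::new($sddl)
        foreach ($ace in $sd.DiscretionaryAcl) {
            if ($ace -isnot [System.Security.AccessControl.CommonAce]) { continue }
            if ($ace.AceQualifier -ne [System.Security.AccessControl.AceQualifier]::AccessAllowed) { continue }
            $sid = $ace.SecurityIdentifier.Value
            if (-not $lowPriv.ContainsKey($sid)) { continue }
            $mask = $ace.AccessMask
            if ($mask -band $takeover) {
                [pscustomobject]@{ Service = $name; Principal = $lowPriv[$sid]
                                   Finding = 'can reconfigure or re-ACL (code runs as the service account)'
                                   Mask = ('0x{0:X}' -f $mask) }
            } elseif ($mask -band $SERVICE_START) {
                [pscustomobject]@{ Service = $name; Principal = $lowPriv[$sid]
                                   Finding = 'can start (informational)'
                                   Mask = ('0x{0:X}' -f $mask) }
            }
        }
    }
}

# The SCM entry ('scmanager') is the one that matters for creating new services.
$targets = @('scmanager') + (Get-Service | Select-Object -ExpandProperty Name)
Find-WeakServiceAces -Names $targets | Sort-Object Finding, Service | Format-Table -AutoSize
```

"Can start" on its own is normal for many services and is reported only for completeness; a low-privilege principal with SERVICE_CHANGE_CONFIG, WRITE_DAC or WRITE_OWNER on any service, or the create bit on scmanager, is the finding to act on, because the account the service runs as is then theirs.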
     NET SEND to all except a few systems? - (SpiceWare) - (42)
         Send to group -NT - (Silverlock)
         If you send not to machine names, but... - (CRConrad) - (6)
             Re: If you send not to machine names, but... - (deSitter) - (5)
                 "Messenger" != "NET SEND" ? - (CRConrad) - (4)
                     NET SEND Help - (orion)
                     Re: "Messenger" != "NET SEND" ? - (deSitter) - (2)
                         Alternatively... - (pwhysall)
                         So if Darrell's gang use W2K or later, they could try my way -NT - (CRConrad)
         update - (SpiceWare)
         Re: NET SEND to all except a few systems? - (qstephens) - (32)
             ROFL - (deSitter) - (31)
                 It inspires me - (orion) - (30)
                     Re: It inspires me - (deSitter) - (22)
                         On this we agree - (orion)
                         Windows has no user context? - (Arkadiy) - (20)
                             process-level user context - (deSitter) - (19)
                                 I am still at a loss as to what you mean -NT - (Arkadiy) - (18)
                                     A login is a profile - (orion)
                                     Re: I am still at a loss as to what you mean - (deSitter) - (16)
                                         You're much mistaken - (Arkadiy) - (15)
                                             Can you be logged in as two people at once? - (ben_tilly) - (7)
                                                 Not log in, no. - (admin) - (3)
                                                     I'll tuck that away in case I ever need it -NT - (ben_tilly)
                                                     Yes you can and it is a weak security system - (orion) - (1)
                                                         Re: Yes you can and it is a weak security system - (pwhysall)
                                                 Certainly - (Arkadiy) - (2)
                                                     Re: Certainly - (deSitter) - (1)
                                                         You keep hearing yourself, not me - (Arkadiy)
                                             Re: You're much mistaken - (deSitter) - (6)
                                                 What does hiererchy of processes have to do with it? - (Arkadiy) - (5)
                                                     Re: What does hiererchy of processes have to do with it? - (deSitter) - (4)
                                                         I am not sure what NT_AUTHORITY is - (Arkadiy) - (3)
                                                             Except: - (FuManChu) - (2)
                                                                 RIght you are -NT - (Arkadiy)
                                                                 Bottom line - (pwhysall)
                     Careful there . . - (Andrew Grygus) - (5)
                         Does it really? - (ben_tilly) - (3)
                             I don't remember all the details . . . - (Andrew Grygus) - (2)
                                 The licenses are more forgiving than you think - (ben_tilly) - (1)
                                     Really interesting issue - (orion)
                         Bah! I'll make it freeware then. - (orion)
                     that's what I did - (SpiceWare)
