From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII-7-bit X-Google-Thread: 103376,55958fd991db66fe X-Google-Attributes: gid103376,public X-Google-ArrivalTime: 2002-09-14 08:42:27 PST Path: archiver1.google.com!news1.google.com!newsfeed.stanford.edu!newsfeed.berkeley.edu!ucberkeley!logbridge.uoregon.edu!news.maxwell.syr.edu!feed.cgocable.net!read1.cgocable.net.POSTED!53ab2750!not-for-mail Message-ID: <3D8358E1.9080703@cogeco.ca> From: "Warren W. Gay VE3WWG" User-Agent: Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.0.1) Gecko/20020823 Netscape/7.0 X-Accept-Language: en-us, en MIME-Version: 1.0 Newsgroups: comp.lang.ada Subject: Re: Advantage of XML based GUI? (was Re: Ada-inspired OS/Language) References: <4519e058.0209101828.cb5ff85@posting.google.com> <3d7f9d3f.920665532@news.cis.dfn.de> <3d80b566.992395741@news.cis.dfn.de> <3d813a2b.1026389832@news.cis.dfn.de> <3d823132.1089638283@news.cis.dfn.de> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Date: Sat, 14 Sep 2002 11:42:25 -0400 NNTP-Posting-Host: 24.150.168.167 X-Complaints-To: abuse@cogeco.ca X-Trace: read1.cgocable.net 1032018343 24.150.168.167 (Sat, 14 Sep 2002 11:45:43 EDT) NNTP-Posting-Date: Sat, 14 Sep 2002 11:45:43 EDT Organization: Cogeco Cable Xref: archiver1.google.com comp.lang.ada:28971 Date: 2002-09-14T11:42:25-04:00 List-Id: Nick Roberts wrote: > On Fri, 13 Sep 2002 08:24:44 +0000 (UTC), Preben Randhol > strongly typed: >>On Fri, 13 Sep 2002 01:53:42 GMT, Nick Roberts wrote: ... >>So if somebody runs a program that contains a virus of some kind he will >>not deleting the hard disc for example? The reason for my question was >>that one can in Linux choose to login as root all the time when one has >>ones own machine, but this is utterly stupid. The reason is that if you >>run a rouge program it will have access to all the disc and can do >>anything as it would be run under superuser priveliges. Therefore one >>makes a normal user and uses this all the time and only use the >>superuser when one need to install software. In Windows they put the >>superuser priveliges on one of the users... That's why I'm asking. > > In simple terms, we will take steps to ensure that this sort of this cannot > happen in standard AdaOS installations. > > For example, when a program is downloaded from the Internet and executed, > it will be executed with an 'authority' that is very limited (certainly > disallowing reformatting the hard disk ;-) If that program tries to access > an object it (it's authority) does not have permission to access, the user > will be asked whether to grant that access; the user can say "yes" (in > which case the permission is effectively added to the authority) or "no". > Objects will have security 'groups', to make this process a little less > laborious. This doesn't always work out well with the "user". This is the same problem with the McAfee Firewall software. They start with the premise of locking everything down (which is good) and then asking questions of the user as they progress through their normal tasks. The problem with this model is that the end user does'nt understand the questions! If the user is presented with a prompt to allow/disallow TCP port 23 incoming access, he is stuck. The user becomes impatient and will then: 1) Allow the access to see if it will accomplish his task (but here he has no clue as to how to undo this later) 2) Disallow any access he doesn't understand because he is paranoid, and as a result may not accomplish what he wants to do. 3) Or answer a combination of 1 & 2 depending upon whether it "sounds dangerous" or not. 4) Do nothing without help, because he is paralyzed with fear. For McAffee Firewall, it would be better for a knowledgeable friend to set it up ahead of time so that the end user does not have to decide (at least it should have that option). In an operating system situation, I'm not sure if asking the user is the right thing to do. A knowledgable person should establish the run-time criteria ahead of time, IMHO. You don't want end users having to decide "programming" decisions. The end users don't want that responsibility either. -- Warren W. Gay VE3WWG http://home.cogeco.ca/~ve3wwg