Longhorn following Unix on security?

Found on The Register on Sunday, 10 July 2005
Browse Software

Microsoft's delayed Longhorn operating system appears to be taking a page from the Unix management book by curbing user's administration rights.

Speaking at Microsoft's Worldwide partner conference on Sunday, Nash indicated the architectural change is part of a move to improve security of desktop systems by limiting the ability for end-users to install applications or for malware to take control of a machine, turning it into a zombie.

The move mirrors techniques used in various versions of Unix and Linux to create more limited variations of "the God user" or root account. This account provided a single user with total control of, and access to, an entire system's resources. Sun Microsystems, in particular, has touted very sophisticated user access controls with its new Solaris 10 operating system. This lets government agencies, for example, store information of different classification on the same computer, as the OS controls who is authorized to see the data.

Nash said a key Longhorn feature would be increased "granularity" in administration capabilities "so people need a lower level of privilege to install applications and printers. When a higher level of privilege is required, we can elevate that. You can use Longhorn in a very effective way without being an admin."

Why doesn't MS let the admin have control? When a process hangs up and you try to kill it via task manager, you sometimes get an error. You don't have access to certain areas (like "System Volume Information") and processes. The admin in Windows is just another user, nothing that can be compared with root. If I kill an important process in Linux and the result is a total crash, well, then I learn from it. But an admin being unable to end an instance of Media Player is ridiculous.