[Dshield] Flavors of Linux
brian at dessent.net
Sun Oct 3 05:22:54 GMT 2004
> Files and directories have owners, groups, and permissions. There's such
> fine-grain control as searching directories, reading, writing, and
> executing for each of the three classes: owner, group, and everyone else.
> Beyond this, there are additional features, such as setting uid, guid,
> amd immutable flags. Last time I checked, Windows had little more than +a,
> +h, +s with 'attrib', from the days of DOS, and those aren't security
> properties at all. I've seen very few Windows systems run with other than
> Administrator access. Most users aren't even aware that muliple logins and
> users are possible. Even so, even this doesn't fully protect all the files
> it should. The FS is just one example.
Ummm, hell no.
Windows ACLs provide much finer grain control than posix-style
permissions. The comparison isn't even close. You obviously haven't
used Windows in a while if you think "H R S A" are the only attributes a
file can have. (Hint: nobody uses FAT.)
More information about the list