Not logged in
Log in now
Create an account
Subscribe to LWN
LWN.net Weekly Edition for May 23, 2013
An "enum" for Python 3
An unexpected perf feature
LWN.net Weekly Edition for May 16, 2013
A look at the PyPy 2.0 release
Microsoft Patents Sudo?!! (Groklaw)
Posted Nov 12, 2009 20:35 UTC (Thu) by DOT (subscriber, #58786)
I'm a bit curious though why Microsoft would feel the need to patent this. It's not really an invention. It's an ugly hack, with little chance of being copied.
Posted Nov 12, 2009 21:26 UTC (Thu) by NAR (subscriber, #1313)
It's probably not "Microsoft", but some software research/development group in Microsoft. One of the performance metrics used on such group could be "number of patents/year", so they try to patent every idea. Also, the individual researcher/developer might get a bonus for every patent.
Posted Nov 12, 2009 21:37 UTC (Thu) by foom (subscriber, #14868)
What's "the right thing" when an unprivileged user wants to change a privileged system setting that
they are not allowed to change? For example: deleting a user account, or installing software
system-wide. The solution in Windows (and OSX) is to ask you if you'd like to authenticate using an
suitably-privileged-user's credentials in order to perform that task.
The idea is that perhaps that user can be called in to allow the task which you yourself are not
trusted to do.
Posted Nov 12, 2009 21:57 UTC (Thu) by DOT (subscriber, #58786)
Posted Nov 12, 2009 22:15 UTC (Thu) by Kit (guest, #55925)
That's the way sudo works, which before PolicyKit was generally the method of choice for administrative tasks in GUIs on *nix (along with su).
Posted Nov 12, 2009 23:51 UTC (Thu) by PaulWay (✭ supporter ✭, #45600)
Yes, and there's the fundamental point we need to watch.
The patent basically deals with the OS recognising that the user doesn't have the permissions to do something, and prompting to enter the password for an account that does. sudo, on the other hand, requires the user to know beforehand (i.e. as they type the command) that they need it to run with elevated privileges; it prompts them for their own password and then checks its configuration for whether that person can run (that command) as that higher privilege. The difference is in the timing (before or after the command is being run), the authenticator being asked for (user versus admin) and the user interaction.
The big problem we have was that the patent was filed in 2005; PolicyKit started development in 2008. We need to find prior art for something that behaves like PolicyKit, rather than sudo. I'm not sure that sudo and the various analogues that people have suggested are the same as what Microsoft claims.
I agree with everything else that's wrong about this patent: it's obfuscated, it tries to explicitly claim that it's not just patenting the steps but anything that looks like them, and it's definitely stifling any possibility of progress in this kind of user interface. And I also agree that what they're patenting is a fairly stupid, fairly obvious way of dealing with the problem - some of the less intelligent species of the genus Cucurbita might have trouble remembering the name 'administrator' but few sysadmins generate their own administration user called (4Gn2z^/y$b8x"hQ - which seems to be the problem they're describing.
But don't fool yourself by thinking sudo is prior art to this patent.
Posted Nov 13, 2009 6:59 UTC (Fri) by johill (subscriber, #25196)
Posted Nov 13, 2009 11:37 UTC (Fri) by cortana (subscriber, #24596)
Posted Nov 14, 2009 11:45 UTC (Sat) by luya (subscriber, #50741)
Posted Nov 13, 2009 11:44 UTC (Fri) by cortana (subscriber, #24596)
Posted Nov 13, 2009 20:37 UTC (Fri) by jdv (subscriber, #712)
Posted Nov 14, 2009 4:06 UTC (Sat) by luya (subscriber, #50741)
Posted Nov 18, 2009 9:08 UTC (Wed) by k8to (subscriber, #15413)
Explicitly suing to root in a shell before running minimal programs to adminster the system... vastly
superior to this overengineered ball of hair called hal, dbus, policykit, devicekit and friends, which
won't even nicely cooperate with other methods. May they burn.
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds