| |||||||||||||
Exploring options for the openSUSE security policyExploring options for the openSUSE security policyPosted May 24, 2012 8:18 UTC (Thu) by michaeljt (subscriber, #39183)Parent article: Exploring options for the openSUSE security policy
Don't Windows and OS X already solve this by having the concept of privileged and unprivileged users when a user is added? I wouldn't think it would hurt usability so badly to have a drop down box with a few different (the most common) types of privilege category when a user is added. And the mechanisms to handle this nicely are already there.
(Log in to post comments)
Exploring options for the openSUSE security policy Posted May 24, 2012 8:35 UTC (Thu) by niner (subscriber, #26151) [Link]
This whole security policy/administrative priviledges thing is a point where Windows and OS X are everything but good examples. I'm not talking about vulnerabilities (perceived or real), but usability. OS X is built around the one desktop user case allowing this user pretty much everything. Windows nags the user with popups which noone understands what they mean or why they come and where everyone just hits OK anyway (of course slightly exagerated). They have not found a good solution either.
Exploring options for the openSUSE security policy Posted May 24, 2012 8:54 UTC (Thu) by AndreE (subscriber, #60148) [Link]
The Windows information display might be useless, but the policy framework isn't. It's granular and allows you to do exactly what we would want here.
Exploring options for the openSUSE security policy Posted May 25, 2012 13:53 UTC (Fri) by vonbrand (subscriber, #4458) [Link] Peter Gutman's phising guidelines say exactly the same as the grandparent: Users have been conditioned to just check "Don't ask again" and click OK on popups, without looking twice (let alone reading). Plus almost all Windows machines I've seen have the lone user as administrator, and no password. Sure, Windows provides the mechanism to manage the machine securely, but it is so much hassle almost nobody does it. Same for Linux as it stands today, you can cobble up something using group permissions and sudo(1), but it requieres an expert to set up for your exact use case, and not even Linus bothers.
Exploring options for the openSUSE security policy Posted May 28, 2012 15:54 UTC (Mon) by hummassa (subscriber, #307) [Link]
> not even Linux bothers.
Probably because, in the case of the PERSONAL {desk,lap,palm}top computer, it makes no sense at all. What I see lacking still (for any platform) is a nice policy (and a nice, simple, proven, etc... policy editor) for corporate *top computers.
Exploring options for the openSUSE security policy Posted May 28, 2012 15:58 UTC (Mon) by hummassa (subscriber, #307) [Link]
s/Linux/Linus/
|
|||||||||||||