|Perl Monk, Perl Meditation|
Re (tilly) 5: Changing owner of files: Windows vs Linuxby tilly (Archbishop)
|on Apr 07, 2001 at 05:00 UTC||Need Help??|
I am mixed in my opinions about this.
So let me start with the uncontroversial note that I find it ironic that Larry Wall criticized Lisp as an exemplar of the "sweep-it-under-someone-else's-carpet" school of simplicity. Ironic because a large part of what I think is good about Perl is how it has encouraged people to hide complexity under someone else's carpet. (Very frequently with that someone being an author on CPAN.) This is one of the reasons that programming in Perl is productive, because you get a lot done with little work.
That said the security model of Windows is not one of the things that I would call a shining success. To be sure they have a lot of interesting ideas. However security is one thing that you don't want to get wrong, and Microsoft has done exactly that, repeatedly. Plus when I hear someone say, "sophisticated", what I hear is, "complex, poorly understood, and likely buggy". Those are not things you want in a security model.
Not that Unix is an exemplar here either. As with most things, Unix takes the approach of solving a very simple problem and declaring that to be enough. Well it isn't. With the sole exception of OpenBSD, there is not a single flavour of modern Unix that I would feel comfortable letting an untrusted and competent cracker local access to. And the security model of Unix is also singularly unsuited to handling a complex permissioning system. Plus authenticating actions by the current user/group of the process is using global data. If you need to do complex stuff with restricted access to permissions beyond the normal, well be cautious because it is easy to go wrong. (This is a key cause of why Unix is so characteristically vulnerable to root compromises.)
But for all that Unix is not very good, it is head and shoulders above Windows in practice. Largely because Unix made a lot of the mistakes that Windows is still making a long time ago. (Based on theory, I am favorably inclined to believe the claims of the EROS folks that they really do have a good security model. At least reading their articles taught me a lot about where and why security goes wrong!)
Now back to Windows and Unix. And unbridled advocacy.
IMNSHO anyone who is so put off by the perceived faults of a system that they cannot see the qualities is a narrow-minded fool. Unlike jcwren, I am not a fan of Windows. But I am not stupid either. Microsoft may not have always achieved and held their position through using the best technical product, but when they truly do put out the worst (hello Bob) they don't succeed. Windows has merits. It has things it does very well. Office is a capable office suite. A lot of research and effort went into IE. Any programmer who is blinded by bigotry and decides that this is irrelevant is hurting themselves first, second, and third.
In fact many of the things that I do not like about Windows are tied to intentional decisions. For instance I do not like the way that Windows pushes people in subtle and not so subtle ways to interact through the GUI rather than with a command line. I am not visually oriented. I generally prefer text. Always have, probably always will. (Which might be why I am writing this from Debian, using fvwm2 as my window manager. Isn't the purpose of a GUI to let you run more xterms...? :-)
What this means is that Windows is generally harder to script than Unix. But Windows is easier for most people to use on the desktop. Now do I think that it is possible to have a system that is better than either is tooday? Yes. But that doesn't change the fact that the choice to actively focus on moving people off of the command prompt and to the GUI was intentional on the part of Microsoft. And it wasn't necessarily (my preferences notwithstanding) the wrong decision to make either.