"What improvements? MS products are still only as secure as you make them...": Uhm, isn't that the same with all Operating Systems? I never knew this was MS specific, boy, its a good thing we don't need to secure Linux or Mac's at all!

"It's easier to set all sorts of odd little permissions structures up in the ACL world, but it's also easier - a LOT easier - to accidentally make something accessible (or inaccessible) that shouldn't have been, somewhere in the tangled mess of inherited permissions.": You do not know how to set permissions?

"By comparison, the simpler ownership-based methodology results in a scheme that requires more careful planning from the administrator in terms of delegating responsibility and setting up non-trivial permissions structures": What you call "trivial permission structures", we call "flexability of permission structures"; you don't need to set them if you don't need them. Too difficult for you?

"Finally, the last real set of pro-vs-con in terms of security is simply that it's a hell of a lot more difficult to effectively administer an MS server even if you ARE the administrator": Are you a Windows enterprise manager? You don't seem to know much about policies, so I'm not sure who you are getting this information from. Perhaps others like yourself?

"By comparison, the *nix world can do anything from anywhere else as easily as they can sitting right there at the desktop": Last time I checked, a couple thousand Windows machines were not that difficult to administer through AD.

"tangled spaghetti mess that requires a system reboot every time you do something": Are you making this comment based on Win95,98,NT? I haven't rebooted my W2K box in months... haven't needed to. I wonder where or where you get this stuff from, because its certainly not from experience.

"Uh... correct me if I'm wrong, but... did you just accuse a *nix of being *too easy to use*, and suggest that MS products are more difficult...?": Well, actually, yes, you seem to display a complete absence of understanding to all of the above issues; so one would believe that MS was extreamly difficult to grasp for some people.

:: boggles :: ? hmm.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/127/17364#17364