ACLs
Want to know why Windows is so easily hacked?
As technologies progress and our devices are ever more networked with each other, security in operating systems has become increasingly complex. This complexity makes the systems themselves less secure because it is harder for developers to understand it. So the OS vendors add complexity to deal with the fact that applications are doing security wrong, which creates a vicious cycle.
Are you a Windows developer? Do you understand ACLs? Maybe you do, but most likely you only think that you do. Why? Because they are somewhat complicated. "What, I can explicitly grant permissions for my network printer to access this file?" Microsoft doesn't make it easier. The documentation in MSDN is near useless. The web isn't your friend here either, since a lot of the websites I've found when looking for more info were just wrong.
I was working on a nasty file-permissions problem in a project that I was working on, which necessitated a move from old-style file permissions code to ACLs. Now, I've been developing professionally on Windows for over 10 years, and I thought that I understood ACLs. Nope, I just thought I did. I spent days studying the web and writing test programs to figure out how to give the appropriate permissions to a single file. Luckily, I had an awesome tester who could break my stuff in ever more complicated ways; otherwise I probably would have shipped something that either didn't always work or was just a crazy security hole.
I realized that if it was that hard for me, what about all those less experienced or rushed developers currently shipping applications for Windows? The majority of developers inside of Microsoft probably don't understand ACLs as well as they should. Is there any wonder why there are so many security issues in Windows?
The answer isn't further complexity, but better documentation and education. This is critical stuff for Microsoft and 3rd party developers. It is time that Microsoft treated it that way.
I haven't reviewed the ACL implementation in OS X 10.4 yet, but I shuddered when I heard that it was being added.
Posted: Wed - May 11, 2005 at 08:51 AM