ACLs


Want to know why Windows is so easily hacked?

As technologies progress and our devices are ever more networked with each other, security in operating systems has become increasingly complex. This complexity makes the systems themselves less secure because it is harder for developers to understand them. So the OS vendors add complexity to deal with the fact that applications are doing security wrong, which creates a vicious cycle.

Are you a Windows developer? Do you understand ACLs? Maybe you do, but most likely you only think that you do. Why? Because they are somewhat complicated. "What, I can explicitly grant permissions for my network printer to access this file?" Microsoft doesn't make it easier. The documentation in MSDN is near useless. The web isn't your friend here either since a lot of the websites I've found when looking for more info were just wrong.

I was working on a nasty file-permissions problem in a project that I was working on which necessitated a move from old-style file permissions code to ACLs. Now, I've been developing professionally on Windows for over 10 years, and I thought that I understood ACLs. Nope, I just thought I did. I spent days studying the web and writing test programs to figure out how to give the appropriate permissions to a single file. Luckily, I had an awesome tester who could break my stuff in increasingly complicated ways, otherwise I probably would have shipped something that either didn't always work or was just a crazy security hole.

I realized that if it was that hard for me, what about all those less experienced or rushed developers currently shipping applications for Windows? The majority of developers inside of Microsoft probably don't understand ACLs as well as they should. Is there any wonder why there are so many security issues in Windows?

The answer isn't further complexity, but better documentation and education. This is critical stuff for Microsoft and 3rd party developers. It is time that Microsoft treated it that way.

I haven't reviewed the ACL implementation in OS X 10.4 yet, but I shuddered when I heard that it was being added.

Posted: Wed - May 11, 2005 at 08:51 AM

