This article is rated Start-class on Wikipedia's content assessment scale. It is of interest to the following WikiProjects: | ||||||||||||||||||||||
|
Hi. While this is a good start, in the current incarnation, it is no more useful than having a bunch of links to the different articles. While reading a comparison, one would expect a contrast between the general class of actions they kick in, technologically savvy users might want detailed info on this front like (from UAC PoV) sending which WM_ messages require elevations, which other actions at the process level mandate so etc. Also need to mention other ways to gain elevated privileges. In windows, the ctrl+alt+enter when from the start menu search bar etc etc. It will be an intriguing journey ahead. :) --soumসৌমোyasch 06:19, 13 March 2007 (UTC)
Thanks for getting this started... I'll fill out bits and pieces of information in the coming days. In the longer term, we will probably want to divvy things up by "approach" rather than by specific implementations. It's a lot easier to do a compare/contrast of specific implementations when discussing an approach.
We should probably mention Security-Enhanced Linux somewhere as well. -/- Warren 07:12, 13 March 2007 (UTC)
Warrens partially reverted my last edit to this article (diff), saying it was not justified. Please allow me to explain my reasoning behind this change:
—Remember the dot (talk) 03:00, 16 March 2007 (UTC)
Never mind about point 2. The secure attention key article has useful information relevant to the discussion. —Remember the dot (talk) 03:04, 16 March 2007 (UTC)
"By default in UAC, an administrator simply confirms or denies an action, instead of re-entering their password each time. While this approach is simpler, it is also less secure.[9] If the user physically walked away from the computer, another person could walk up and have administrator privileges over the system. Also, if the security of the Secure Desktop was compromised in some way, or the Secure Desktop was disabled, malicious applications would easily be able to gain administrator privileges by spoofing a mouse click on the "Allow" button, or by using keystroke logging to record the administrator's password."
That last part of the last sentence doesn't seem to make sense in the context: the rest of the paragraph is criticising the the way you don't have to type in your password if you're logged in as a member of the admin group, but the last part is a about recording the password?
Not to mention the whole second sentence is a complete tautology; it's basically saying "if someone comes up with a way to compromise the system, your system could be compromised". Well, obviously; and also by definition something that applies to all the systems being compared, rather than just UAC; yet it's couched as a criticism of UAC. Any objections to just deleting the whole second sentence?
I think that pfexec/rbac needs to be mentioned in this article. http://developers.sun.com/developer/technicalArticles/opensolaris/pfexec.html —Preceding unsigned comment added by 72.227.129.108 (talk) 19:30, 13 December 2008 (UTC)
Does anyone know the meaning in the use of the word "capture" where the article states "In GNOME, PolicyKit directs the X server to capture all keyboard and mouse input. Other desktop environments using PolicyKit may use their own mechanisms."? Is this a form of blocking of outside copying? This may need clarification. - KitchM (talk) 06:23, 20 November 2010 (UTC)
"Privilege elevation" redirects to this page. Any reason this does not redirect to Privilege escalation? and should this article be merged with that? ozhu (talk · contribs) 18:26, 17 September 2019 (UTC)
Востоновить акаунт (89832154326) 89.113.137.51 (talk) 23:39, 20 November 2021 (UTC)