Security
Caveats
Most, if not all, pages are just rough notes, and these pages as a whole are far from complete. More notes will be added in time, eventually, maybe.
If, from reading these notes, you conclude that I am off my rocker, you won’t be the first, and you may even be right. These pages may simply position me as an acolyte to the late Gene Ray.
No doubt there are a dozen and one reasons why none of this would ever work, but perhaps somewhere deep down there is a tiny fragment that could be used for something.
Overview
Security is a whole subject unto itself that is best left to experts in the field. A few notes will be added here, but no in-depth treatment of the subject is to be expected.
Multi-tier authorisation
User Account Control (UAC) in Microsoft Windows, and a similar mechanism under macOS, grants administrative privilege to specific processes on behalf of users who are already administrators, or, where the session user is not an administrator, allows the operation to be performed in the context of an administrator instead. However, there is no equivalent mechanism for standard users to moderate their own privilege over their own account. For example, a standard user is still able to get their user account infected, and still able to make mistakes that could have been avoided.
Since users would not want a whole separate account just to protect their non-administrator account, something similar to UAC but aimed at self-protection might have a purpose. This could be a simple prompt, or a more involved challenge (such as a second password) that takes enough effort that the user does not accidentally agree to something they should not have agreed to.
It’s not clear that this extra tier is of any value, but perhaps it is worth considering.
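As an added illustration (not part of these notes), a Python sketch of what such a self-protection tier could look like: the standard user registers a second passphrase, sensitive operations in their own account run only after it is presented, and each grant expires after a short time. The class and method names (SelfGuard, challenge, run_protected) are hypothetical.

```python
import hashlib
import hmac
import os
import time
from typing import Callable, Optional

class SelfGuard:
    """Hypothetical self-protection tier for a standard user's own account."""

    def __init__(self, passphrase: str, grant_ttl: float = 60.0, max_failures: int = 5):
        # Only a salted PBKDF2 digest of the second passphrase is kept, never the plaintext.
        self._salt = os.urandom(16)
        self._digest = self._derive(passphrase, self._salt)
        self._grant_ttl = grant_ttl        # seconds a successful challenge stays valid
        self._grant_until: float = 0.0     # monotonic time at which the grant lapses
        self._failures = 0
        self._max_failures = max_failures  # lock out after this many wrong answers

    @staticmethod
    def _derive(passphrase: str, salt: bytes) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 100_000)

    def challenge(self, passphrase: str, now: Optional[float] = None) -> bool:
        """The 'more involved challenge': verify the second passphrase and open a time-boxed grant."""
        now = time.monotonic() if now is None else now
        if self._failures >= self._max_failures:
            return False  # locked out; repeated guessing is refused outright
        candidate = self._derive(passphrase, self._salt)
        if not hmac.compare_digest(candidate, self._digest):
            self._failures += 1
            return False
        self._failures = 0
        self._grant_until = now + self._grant_ttl
        return True

    def is_granted(self, now: Optional[float] = None) -> bool:
        now = time.monotonic() if now is None else now
        return now < self._grant_until

    def run_protected(self, operation: Callable[[], object], now: Optional[float] = None):
        """Run a sensitive operation only while a grant is open; otherwise refuse."""
        if not self.is_granted(now):
            raise PermissionError("self-protection tier: no active grant")
        return operation()
```

The `now` parameter exists only so the expiry behaviour can be exercised deterministically; in real use it would be left at its default.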
sudo
There will not be an equivalent to sudo in which tasks are run as a “root” user. Elevated tasks will run as the same user (where that user has the privilege to do so) or as another, specific administrator account.