You do have a point—Linux does not warn users against running superuser commands constantly and naggingly. Also not the beginner-friendly distros like Zorin, Mint and Ubuntu (as far as I know).
To me that’s fine, because I know not to just run any command, but my grandma who gets an email from a trustworthy-sounding person telling them to run “sudo install this keyboard logger and Rustdesk scripted installer” will not know better.
So then that begs the question, given you seem to know something about it: how should this be addressed? (I assume you know something about this—I don’t even know what an UAC prompt is.)
On the other hand: How does Windows stop users from running the .exe file a trustworthy-sounding person emailed them? You could argue that’s easier to ask people to do than to open the terminal and write a command in there.
That’s basically the equivalent of the root credentials prompt in Linux.
So then that begs the question, given you seem to know something about it: how should this be addressed?
I’m not sure it can be addressed. It would require completely redefining how permissions work in Linux, I think.
The way Windows handles it is that if updates are coming in through “secure” channels (official OS updates, Store application updates, updates to applications that do not touch any protected areas), administrator permissions are just never required. For example, a browser update just happens in the background. You open your browser, use it, you close it for the day, you open it the next day, and it’s the new version already.
I don’t think this could ever work in Linux due to the fundamental difference in how software is installed. In Windows, applications have their own folders, in Linux everything is dropped, based on type, to just a couple of “centralised” folders, right? So, every app must have access to those folders, which prevents this kind of “if you don’t touch this, you won’t need admin” approach.
Maybe things like Flatpacks could solve it, since the apps (to my understanding) are more self-contained, a bit like UWP apps in Windows.
On the other hand: How does Windows stop users from running the .exe file a trustworthy-sounding person emailed them?
The UAC prompt has a very specific design and will warn you with an orange colour band if the application is not signed with appropriate certificates. If it’s a suspected dangerous application, the band will be red.
You could argue that’s easier to ask people to do than to open the terminal and write a command in there.
You can send them an .sh file for the exact same effect. Bah, you can send them a .pdf file that’s actually an executable script in Linux.
You do have a point—Linux does not warn users against running superuser commands constantly and naggingly. Also not the beginner-friendly distros like Zorin, Mint and Ubuntu (as far as I know).
To me that’s fine, because I know not to just run any command, but my grandma who gets an email from a trustworthy-sounding person telling them to run “sudo install this keyboard logger and Rustdesk scripted installer” will not know better.
So then that begs the question, given you seem to know something about it: how should this be addressed? (I assume you know something about this—I don’t even know what an UAC prompt is.)
On the other hand: How does Windows stop users from running the .exe file a trustworthy-sounding person emailed them? You could argue that’s easier to ask people to do than to open the terminal and write a command in there.
That’s basically the equivalent of the root credentials prompt in Linux.
I’m not sure it can be addressed. It would require completely redefining how permissions work in Linux, I think.
The way Windows handles it is that if updates are coming in through “secure” channels (official OS updates, Store application updates, updates to applications that do not touch any protected areas), administrator permissions are just never required. For example, a browser update just happens in the background. You open your browser, use it, you close it for the day, you open it the next day, and it’s the new version already.
I don’t think this could ever work in Linux due to the fundamental difference in how software is installed. In Windows, applications have their own folders, in Linux everything is dropped, based on type, to just a couple of “centralised” folders, right? So, every app must have access to those folders, which prevents this kind of “if you don’t touch this, you won’t need admin” approach.
Maybe things like Flatpacks could solve it, since the apps (to my understanding) are more self-contained, a bit like UWP apps in Windows.
The UAC prompt has a very specific design and will warn you with an orange colour band if the application is not signed with appropriate certificates. If it’s a suspected dangerous application, the band will be red.
You can send them an .sh file for the exact same effect. Bah, you can send them a .pdf file that’s actually an executable script in Linux.