Prev: Snow Leopard Safari Tabs
Next: AIM Mail on Safari: "Too many redirects"
From: Wes Groleau on 11 Oct 2009 17:05
J.J. O'Shea wrote:
> On Sun, 11 Oct 2009 15:44:32 -0400, Wes Groleau wrote
>> With either parallels or Fusion (or any other virtualizer) can it be set
>> so that the Mac permissions, groups, and owners are enforced in Windows?
>>
>> What I'm getting at is that if the Windows _system_ is owned by the Mac
>> root/wheel, and the Windows user inherits privileges from the Mac
>> account of the same name, that would significantly limit Windows malware.
>
> I wouldn't count on that. So far as I can see, a Windows system is a Windows
> system is a Windos system.

But are't all of its file accesses routed through the virtualizer to the
host O.S. ? The virtualizer probably has to run as root to be able to
do what it needs, but it _could_ be coded to change EUID for certain
operations.

>> A related question--can any of the virtualizers pass-through the Mac
>> login? i.e., if we install Win XP, put on it an admin account and a
>> user account for my wife, can she launch a Windows program without
>> having to repeat her login for Windows?
>
> Parallels can do something like that.

Thanks. That makes a decision for me--unless Fusion or some other can
also do it. :-) I spent more than five minutes on this at Best Buy
before it dawned on me that if the guy can't understand the question,
he probably doesn't know the answer. :-)

--
Wes Groleau

Small class size and its opponents
http://Ideas.Lang-Learn.us/barrett?itemid=992
From: Erik Richard Sørensen on 11 Oct 2009 17:56

J.J. O'Shea wrote:
> Wes Groleau wrote:
>> Dave Lawson wrote:
>>> just occured to me reading the OP. I don't have windows on my mac iBook
>>> and don't intend to but if I did I now know I need to protect it as the
>>> mac will not protect it itself, which I did wonder about.
>> With either parallels or Fusion (or any other virtualizer) can it be set
>> so that the Mac permissions, groups, and owners are enforced in Windows?
>>
>> What I'm getting at is that if the Windows _system_ is owned by the Mac
>> root/wheel, and the Windows user inherits privileges from the Mac
>> account of the same name, that would significantly limit Windows malware.
>
> I wouldn't count on that. So far as I can see, a Windows system is a Windows
> system is a Windos system.

When installing the Parallels Tools a 'firewall' with it's own IP also
will be installed on the Mac side and act like a firewall so that the
Windows system is protected by this firewall. It isn't 100% secure, but
it works rather nice here with WinXP Pro + 10.5.8 on my Macpro...

Chers, Erik Richard

--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Erik Richard Sørensen, Member of ADC, <mac-manNOSP(a)Mstofanet.dk>
NisusWriter - The Future In Multilingual Text Processing - www.nisus.com
OpenOffice.org - The Modern Productivity Solution - www.openoffice.org
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
From: Jolly Roger on 11 Oct 2009 18:00
In article <hathb4$8t7$3(a)news.eternal-september.org>,
Wes Groleau <Groleau+news(a)FreeShell.org> wrote:

> J.J. O'Shea wrote:
> > On Sun, 11 Oct 2009 15:44:32 -0400, Wes Groleau wrote
> >> With either parallels or Fusion (or any other virtualizer) can it be set
> >> so that the Mac permissions, groups, and owners are enforced in Windows?
> >>
> >> What I'm getting at is that if the Windows _system_ is owned by the Mac
> >> root/wheel, and the Windows user inherits privileges from the Mac
> >> account of the same name, that would significantly limit Windows malware.
> >
> > I wouldn't count on that. So far as I can see, a Windows system is a
> > Windows
> > system is a Windos system.
>
> But are't all of its file accesses routed through the virtualizer to the
> host O.S. ? The virtualizer probably has to run as root to be able to
> do what it needs, but it _could_ be coded to change EUID for certain
> operations.

The most common configuration is to have the VM use what is called a
virtual hard drive. That is a disk image that the VM mounts and treats
as if it were an actual disk. The contents of that disk are completely
separate from the Mac OS X file system. This is a Good Thing�.

--
Send responses to the relevant news group rather than email to me.
E-mail sent to this address may be devoured by my very hungry SPAM
filter. Due to Google's refusal to prevent spammers from posting
messages through their servers, I often ignore posts from Google
Groups. Use a real news client if you want me to see your posts.

JR
From: Walter Bushell on 8 Nov 2009 11:13
In article <jollyroger-F5BCBA.17003811102009(a)news.individual.net>,
Jolly Roger <jollyroger(a)pobox.com> wrote:

>
> The most common configuration is to have the VM use what is called a
> virtual hard drive. That is a disk image that the VM mounts and treats
> as if it were an actual disk. The contents of that disk are completely
> separate from the Mac OS X file system. This is a Good Thing�.

So that Windows malware cannot affect your Mac file sytem.

--
A computer without Microsoft is like a chocolate cake without mustard.
From: Tom Stiller on 8 Nov 2009 11:51
In article <proto-1CA7A9.11134608112009(a)news.panix.com>,
Walter Bushell <proto(a)panix.com> wrote:

> In article <jollyroger-F5BCBA.17003811102009(a)news.individual.net>,
> Jolly Roger <jollyroger(a)pobox.com> wrote:
>
> >
> > The most common configuration is to have the VM use what is called a
> > virtual hard drive. That is a disk image that the VM mounts and treats
> > as if it were an actual disk. The contents of that disk are completely
> > separate from the Mac OS X file system. This is a Good Thing�.
>
> So that Windows malware cannot affect your Mac file sytem.

Provided that you haven't shared too much of your home directory with
the Windows VM.

--
Tom Stiller

PGP fingerprint = 5108 DDB2 9761 EDE5 E7E3 7BDA 71ED 6496 99C0 C7CF
 |  Next  |  Last
Pages: 1 2
Prev: Snow Leopard Safari Tabs
Next: AIM Mail on Safari: "Too many redirects"