• jacksilver@lemmy.world
    link
    fedilink
    English
    arrow-up
    12
    ·
    1 month ago

    To be honest, it actually does sound like a reasonable and security focused change. It basically looks to take a more zero trust kind of approach in regards to admin elevation.

    • BearOfaTime@lemm.ee
      link
      fedilink
      English
      arrow-up
      4
      ·
      edit-2
      1 month ago

      UAC is a bandaid for a lack of proper local user account management. I never see it in Enterprise, nor on my home machines, as users have appropriate permissions, with admin being tightly controlled. (To be honest, I just turn it off on my home machines, run as a user, and if I need admin I switch accounts).

      This really only affects home users who like to run as admin all the time (about 98% of us, I’ve been guilty of it most of my career).

      I get it, I just don’t see it really being a significant risk (this is related to a hack published perhaps a week ago where an attacker, could, potentially, maybe, gain admin by timing the attack perfectly during an install, but only on specific machines).

      • jacksilver@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 month ago

        I’d take your word on it, OS level security is not my forte. The main thing I was calling out is that the change seems to be looking to actually fix an issue and not limit control, as the original commenter seemed to imply.