Question:
Why does windows not use the 3 layers like Linux?
anonymous
2011-03-20 20:09:04 UTC
Quote The bottom Layer (the "base" or the "root") is the guts of the operating system. Here are the system files a user never sees, and should never mess with. Here is where in[put/output is controlled, and how memory and disc access are managed. Nothing here pertains to the normal user. So all these files are locked down and require the highest access level to be able to modify.

An administrator will need access here to perform a system update, or add a new feature (second hard drive, new graphics card, whatever). Otherwise it is left alone
So this layer requires root access

The middle layer is the file system and the applications. Depending on the way the computer is used and the ability of the user, this layer and the upper layer may use the same access level or they may be split. Assuming the machine is fully compartmented, then a supervisor might have middle level access so he can add and remove programs and change permissions of shared file systems. But he is not a "guru" so he does not have "root" access.

The top layer is the user layer. In a locked down machine, the user can open and run programs they are set up for them, store data where the supervisor has designated, and read files they have permissions for. Otherwise, they are locked out of the machine, and cannot change or view areas outside their boundaries.

Because of this structure, Linux is by design a far more secure system. Quote
======================================…

Why does windows not use the 3 layers like Linux ? What about Mac computers do they use this 3 layers like Linux .

Sorry it hard for windows user like my self to understand this or the concept of "root" "admin" and "users" with different levels of system access .
Three answers:
Ben
2011-03-20 20:25:43 UTC
"3 layers" is a really weird way of putting it, because it's not actually what happens in Linux. Each file has an owner and an owning group. You can then set the permissions for the owner, the people in the group, and everyone else. So you can have as many different sets of permissions as you want. The "root access" referred to in the second level is just giving someone the ability to use the sudo command. That command allows you to execute a program as if you were another user (usually root). In this system, you never actually run as root because there's no need to.



This security set up was not developed specifically for Linux. It was developed at AT&T's Bell Labs, for their Unix operating system in 1970. Linux was based heavily on Unix. Mac OS X is actually derived from Unix, not from the classic Mac OS. As such, it uses the same file system permissions.



NTFS, the file system used on Windows NT-based operating systems including Windows XP, Vista, and 7, actually supports more complex file permissions than the Unix standard. That's never been the issue. The problem has always been that until Windows Vista, users typically ran as members of the Administrators group, with full access to the system (there was no separate "Administrator" user). Vista's much-maligned User Account Control features was actually a switch to something similar to the Unix model. The user would be a standard user with the ability to elevate their permissions (although you would be prompted to confirm this, just as the sudo command requires you to enter your password). There is now a hidden Administrator account on Windows that functions like the root account in Unix.
anonymous
2011-03-20 20:17:11 UTC
Windows was meant to be more user-friendly than Unix. And it is. And this is exactly why.



Mac operating system is actually built from a type of Unix, so yeah it operates behind the scenes like unix.



If you use Vista or Win 7 you will notice you get a UAC window which opens up every time you try to modify some critical part of your computer. This is akin to requesting root privileges on a unix machine. Windows was actually built to mimic this multi-layer approach by using "users" and "groups", and if you were to work in a domain environment you would notice the similarities. But a standalone windows installation will assume the default user is an "administrator", comparable to a root user. This is really not secure, but it is the easiest way a typical non-techie computer user will be able to do things like install software, update drivers, etc without being hassled by their operating system.



To sum up, windows CAN use the same approach, and you can certainly set up your own windows system to mimic unix-type privileges, but by default it does not simply to allow the most ease of use to the most people.
?
2016-11-16 07:16:11 UTC
abode windows does incorporate some protection mechanisms because of the fact the 1st variations of NT, yet those are in basic terms no longer used. There are too a lot enterprise around the vulnerabilities to restoration 'em... everybody is familiar with... OTOH, there is not any such 3-layer shape on Linux... the place did you get carry of that stupid concept? protection is a complicated concern... on Linux you have rather some protection mechanisms, like Tomoyo, SELinux, and so on. yet no longer something like 3 equipment layers...


This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.
Loading...