>No real sandboxing, a mountain of legacy… You have: - Windows Sandbox (consumer-level sandbo...

TZubiri • today at 10:45 AM • 1 reply • view on HN

>No real sandboxing, a mountain of legacy…

You have:

- Windows Sandbox (consumer-level sandbox) - Creating a separate User (User folders are permission locked to their user by default, system binaries cannot be modified without admin access) - HyperV (VM hypervisor) - Edge Browsers

Don't get me wrong MSFT quality is dropping steeply, but this is still a strong point. For comparision, on Ubuntu, user folder by default can be read by all users.

Replies

michaelsshaw • today at 1:16 PM

>Creating a separate User (User folders are permission locked to their user by default, system binaries cannot be modified without admin access)

Common practice, and even encouraged by Windows itself, is having the administrator account be the only account. This misuse is a very common thread in Windows systems, and security breaches alike.

➕ show 2 replies

alt Hacker News

Replies