Security, was: Re: Make named pipe on W7 generally accessible

On 05/04/2011 08:48 PM, Gary Little wrote:

I found a string whose description was the closest fit to my needs
and then cut and pasted the hell out of it.

I think that’s how most security string problems are solved.

I agree. IMHO this also shows that security strings are too complicated
to use, and therefore dangerous.

Workaround: an easy-to-use tool to make, view and edit security
descriptors. Solution: a system that is easier to understand.

Same as with certificates and signatures: nice and useful stuff.
But don’t expect to really understand it if you don’t invest a few weeks
into learning about public key cryptography.
Therefore nobody uses them if they are not forced to do so.

Solution: Make PK and certificates transparent and easy to use.

NB: Currently most of us have three *different* certificate stores on
our system [Registry, NS, Java], without easy-to-use tools to even
inspect them, not even to mention import/export and conversion.