[Ubuntu-be] bad news: Microsoft Patents Sudo
ubuntu at janc.be
Sun Nov 15 02:33:07 GMT 2009
Op zaterdag 14-11-2009 om 11:16 uur [tijdzone +0100], schreef Pierre
> I'm not sure there is nothing to worries about. I've not read this
> patent but I bet it is yet another vague one over a nearly trivial
> idea expressed in a way allowing broader interpretation when necessary
> but with a narrower one at first read.
For example, this is how the end of the claim reads:
Systems and/or methods are described that enable a user to
elevate his or her rights, including through a user interface
identifying an account with these rights. By so doing, these
systems and/or methods may permit a user to use a computer in
relative safety from attacks by malicious code while also
enabling the user to easily elevate his or her rights to perform
potentially dangerous tasks. Although the invention has been
described in language specific to structural features and/or
methodological steps, it is to be understood that the invention
defined in the appended claims is not necessarily limited to the
specific features or steps described. Rather, the specific
features and steps are disclosed as preferred forms of
implementing the claimed invention.
In other words, the whole description of how UAC currently works is
"just an example".
In the InformationWeek article, the patent lawyer who says there is
nothing to fear also says:
After reviewing documents covering the patent's history,
Einschlag pointed to three specific identifiers that the
patent's examiner concluded were necessary for Microsoft's
invention to qualify as a patentable innovation: frequency of
use; association with the current user; and indication of
sufficient but not unlimited rights.
In other words, only the combination of those 3 things together
supposedly make UAC a "new invention". I doubt it's really new, but it
doesn't cover 'sudo', at least not as it's used now in most distros.
And I think most distro developers would consider it to be horribly
insecure--there is a reason why 'sudoers' is only readable by root (or
by people who were granted enough rights in 'sudoers' to become root of
More information about the ubuntu-be