Ask Ubuntu Asked by Lyubomir on February 14, 2021
Windows has File Protection feature, according to Microsoft:
Windows File Protection (WFP) prevents programs from replacing
critical Windows system files. Programs must not overwrite these files
because they are used by the operating system and by other programs.
Protecting these files prevents problems with programs and the
operating system.WFP protects critical system files that are installed as part of
Windows (for example, files with a .dll, .exe, .ocx, and .sys
extension and some True Type fonts). WFP uses the file signatures and
catalog files that are generated by code signing to verify if
protected system files are the correct Microsoft versions.
Replacement of protected system files is supported only through the following mechanisms:
- Windows Service Pack installation using Update.exe
- Hotfixes installed using Hotfix.exe or Update.exe
- Operating system upgrades using Winnt32.exe
- Windows Update
If a program uses a different method to replace protected files, WFP
restores the original files. The Windows Installer adheres to WFP when
installing critical system files and calls WFP with a request to
install or replace the protected file instead of trying to install or
replace a protected file itself.
Does Ubuntu offer such a feature?
EDIT: https://en.wikipedia.org/wiki/Windows_Resource_Protection
This Seems to replace WIndows File Protection, basically Only one system account owns the system files, processes running with administrator rights cannot replace system files and only TrustedInstaller processes can replace system libraries and registry entries.
The answer is no; Ubuntu does not have an equivalent to MFP/MRP.
In Unix, if you have root access, there is no limit to the destruction you can wreak upon the filesystem. Most of us understand and accept this.
In Windows, Administrator logins start with a limited set of rights assigned, via tokens, to their logon process. But they have the ability to create new tokens and processes with elevated rights and to impersonate any security principles; including localsystem and trustedinstaller. Once that is accomplished, they can destroy the filesystem just as effectively as root on Linux. There are just more hoops to jump through (the Microsoft way).
Consequently, for those of us that have deep understanding of both environments, MFP/MRP feel more like marketing than actual protection.
Don't listen to the marketing!
Windows or Linux, you simply must assume your system will get trashed (or at the very least, pick up annoying behavior) from time to time - for any number of reasons. Real protection only comes from a robust backup/recovery strategy.
"Be prepared!" - Japeth the Goat, Hoodwinked
Correct answer by Frobozz on February 14, 2021
Get help from others!
Recent Questions
Recent Answers
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP