tensixtyone

In the past I’ve mentioned about how insecure Windows is, generally I try and avoid it for any end users wherever possible. Today I spotted a article on Digg regarding the new Samsung printer drivers, and its got me wondering now, is it actually Windows that’s insecure or the developers who can’t be bothered developing correctly for the platform?

Usually, vendor provided drivers for Linux aren’t the best, and are only used in dire circumstances that a free driver hasn’t been wrote, Samsung’s April 2007 now contain a disturbing “setup” script that essentially gives setuid privileges to XSANE, OpenOffice and possibly a few other applications.

Take a look a this script on linuxfr.org

Without seeing the suwrap script I can’t be sure what it’s actually doing, but I assume its modifying the lib path with the specific Samsung drivers, the initial setup script is just punching massive holes in the security of linux, users would be able to edit /etc/passwd or /etc/shadow with these permissions.

So, are all Windows issues down to the OS?