Slashdot Log In
Microsoft Patents sudo
Posted by
michael
on Fri Aug 20, 2004 09:00 PM
from the you're-just-mad-you-didn't-think-of-it-first dept.
from the you're-just-mad-you-didn't-think-of-it-first dept.
Jimmy O Regan writes "Justin Mason (of SpamAssassin fame) has this blog entry: US Patent 6,775,781, filed by Microsoft, is a patent on the concept of 'a process configured to run under an administrative privilege level' which, based on authorization information 'in a data store', may perform actions at administrative privilege on behalf of a 'user process'."
This discussion has been archived.
No new comments can be posted.
Microsoft Patents sudo
|
Log In/Create an Account
| Top
| 663 comments
(Spill at 50!) | Index Only
| Search Discussion
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
|
2
Prior Art? (Score:5, Interesting)
(http://www.something.com/)
Re:Prior Art? (Score:5, Insightful)
Re:Prior Art? (Score:5, Funny)
(http://sccs.swarthmore.edu/~cbr)
Re:Prior Art? (Score:5, Funny)
Re:Prior Art? (Score:5, Funny)
(Last Journal: Thursday August 12 2004, @10:56PM)
badly.
Re:Prior Art? (Score:5, Funny)
Re:Prior Art? (Score:5, Insightful)
(http://www.ferion.net/ | Last Journal: Monday May 06 2002, @02:16AM)
They can patent it just fine, all the USPTO has to do is not notice the similarity. It's when they get to court with somebody about it that the problem actually exists.
I had to sound like an arrogant ass here, but maybe you should go work for the Patent Office? Not because it'd teach you a lesson, but because it is pretty clear that whoever approves these doesn't understand the area they're in. I mean, look how technical the patent is. Either the patent office picked up on a subtle nuance that makes it different from *nux, or they just didn't connect it with something it does already.
Re:Prior Art? (Score:5, Insightful)
Re:Prior Art? (Score:5, Insightful)
USPTO itself is understaffed.
It doesn't matter how well staffed the patent office is. It is humanly impossible for a government office to realistically assess all of human knowledge for prior art. To say otherwise is dishonest.
More precisely the patent office examiners a liars if they can say with a straight face thay have checked all possible places for prior art on an invention they have never seen before. Only a scientist who has spent a lifetime working in a very narrow area can do this, and even then they make mistakes all the time. It is financially impossible for the patent office to employ a scientist in every narrow area. Just look at their understanding of even one area like software. Absolutely hopeless.
In any case prior art is a necessary but not sufficient evidence of inventiveness.
---
It's wrong that an intellectual property creator should not be rewarded for their work.
It's equally wrong that an IP creator should be rewarded too many times for the one piece of work, for exactly the same reasons.
Reform IP law and stop the M$/RIAA patent/copyright abuse.
Re:Prior Art? (Score:4, Interesting)
(http://www.jbryce.org.uk/)
If someone objects on the basis of prior art, then the patent office could look and see if their complaint was valid or not.
Re:Prior Art? (Score:4, Interesting)
(Last Journal: Monday September 25 2006, @05:14PM)
This has been in place for several years. All patent applications are published in a pre-grant publication (PGPub) at most 18 months after they are submitted. This usually means that the application will be published but unexamined for 12-18 months, and usually published and not issued (or finally rejected) for about 24 months.
There is a section of 35 USC which specifically enables 3rd parties (you) to submit (without editorializing or commenting) pieces of art that you think are applicable. While I haven't poured over this patent, I would have -definitely- looked at UNIX/Linux in excruciating detail while prosecuting it.
Long story short - there is a system in place where you could have looked at this application while it was pending and submitted UNIX man pages or whatever. The fact is that nobody, nobody, nobody ever does this (except large corporations who pay people to do so against their competitors applications.)
Re:Prior Art? (Score:5, Insightful)
Re:Prior Art? (Score:5, Insightful)
(Last Journal: Sunday February 18 2007, @11:40AM)
Stop making excuses for the incompetent. We all have to pay for their screwups, and it's about freakin' time they were held accountable.
Sue them. Sue them for your legal fees, your lost revenue, your lost potential revenue, damage to your corporate image, and anything else you can think of if you get caught in a bogus IP "lawsuit" by some vulture corp because of USPTO incompetence.
If they can't do the job, don't do it. Let the backlog build up until industry screams and starts pushing for Congress to increase the budget. As long as you push incompetent crap through instead, the funding will never be increased because corporate America does not see just how much damage you're doing with your negligence at the USPTO.
And believe me, it is emphatically negligance.
Not really a patent (Score:5, Funny)
(http://shockandblog.com/blog)
thanks, I'll be here all week....
Re:Not really a patent (Score:4, Funny)
Damn trekkies everywhere.
maybe not so easy (Score:4, Insightful)
(Last Journal: Friday May 05 2006, @11:53PM)
At least, normal sudo use doesn't count.
This looks more like a daemon that will accept
commands to run. With sudo, you don't have a
privileged process performing actions on behalf
of a user process. It's a privileged process all
by itself, plain and simple.
Maybe xcdroast+cdrecord would count, if cdrecord
is setuid and xcdroast is not. That's key. You
have to have two processes, one of which is not
privileged. Knowing the way Windows would likely
do things though, a daemon may be required.
Re:maybe not so easy (Score:5, Insightful)
Re:maybe not so easy (Score:5, Informative)
The summary is mostly irrelivant as to what legal protection the patent has. The legal protection comes from the part marked "claims". And if you look at claim 1:
You need an "admin. security process" that is "executing ... under ... admin. priv. level".
It, the "admin. security process" then needs to "accept request[s] from a user process".
So, it's somewhat questionable if sudo would really block the claims. I'm sure if one were to send the patent office the sudo info, MS would argue that they have an "already running admin. process" that then actively accepts requests from other user processes.
In any case, everyone here who's uptight about the patent, there's at least two things you can do. 1) you can collect together all your sudo data, and optionally if you want explain how you think it describes a system that operates the same as the claimed system, and send it to the patent office to be placed into the legal record of this patent. That's the low cost (or maybe no cost, check the patent office web site for details) option available for you. Or, 2) you can collect together all your sudo data, and explain carefully how you think it describes what the claims describe, and file with the patent office for what is known as a reexamination of the patent. Yes, that's correct, you, someone unrelated to either MS or the patent office, or this patent, can actually send in your information and ask that the patent office reconsider their decision. Again, check the web site for details. So, instead of belly aching about how bad a job the patent office is or is not doing, why not simply help them out by sending them the info you know about, and then they have a better chance of doing a better job. And who knows, you might actually get this patent killed in the process.
Re:maybe not so easy (Score:4, Interesting)
(http://www.something.com/)
you may be correct... I wonder, in security terms, if its a good idea to have such a thing constantly on, like you describe.
Re:maybe not so easy (Score:5, Funny)
Would that be in the administrative process or in the user process?
killall sudo_patent
Re:maybe not so easy (Score:5, Insightful)
In the patent context it's hardly a OS process, more a "description of collected steps performing a defined functionality".
If you think sudo does not count you're definitely incorrect. The sudo program is a process (performs defined steps) under an authorized level (setuid root) goes after privileges (grouped by user/computer/group/whatever) and allows or denies privileges.
That's the patent.
What M$soft does right now is write zillions of patents, no matter if they have previous art - they sure know it exists. Their straegy appears to be to get as many patents as possible and then one has to go to court to get it revoked. They got billions of $$'s in their war chest ant they are using it in this manner - one day we'll see how this turns out.
Re:Prior Art? (Score:5, Insightful)
(Last Journal: Wednesday August 24 2005, @07:04AM)
Re:Prior Art? (Score:5, Informative)
with something called "suw"
basically a su command that allowed authorized individuals to have
their own root password. the root login account
itself had unusable password.
each authorized users suw password was of course kept in
a "data store" (a private passwd style file)
and logging of its usage was done to provide an audit
trail.
this is at least 16 or more years old.
-k
Re:Prior Art? (Score:4, Interesting)
Re:Prior Art? (Score:5, Informative)
(http://www.davehollis.com/)
Absolutely !! (Score:5, Insightful)
(http://slashdot.org/)
So, I guess the prior art will be easy to show... right?
Absolutely,
however, if you want the prior art to have any legal meaning, you will have to affort a costly legal process with the evil empire's lawyers.
You see, it doesn't matter so much who is *right* any more. It costs a awful lot of money just to have your case heard.
Oh, yeah (Score:5, Funny)
(http://web.vorticon.org/ | Last Journal: Monday February 14 2005, @01:00AM)
Probably redundant by now.
Why do they even try? (Score:5, Informative)
(http://blog.fagulous.us/ | Last Journal: Wednesday July 28 2004, @12:01AM)
So of course this is completely unenforcable...I wonder if they'll even try. What is the process to go about for getting this patent revoked?
Re:Why do they even try? (Score:5, Insightful)
Re:Why do they even try? (Score:5, Insightful)
(Last Journal: Friday December 01 2006, @10:51AM)
This is not about being unenforcable. This is about having a HUGE cabinet of patents that you can throw at whoever and use to stop them. Now, many of MS's patents are nothing but rip offs. But, if you were hit with more than 1000 patents, just the reading and understanding of them could take a year or two.
Very scarey
Re:perhaps my evil genius hat isn't working (Score:5, Funny)
(http://www.cbserviceslondon.com/ | Last Journal: Thursday August 14 2003, @01:12PM)
Manager 1: Wow! They accepted that patent! The USPTO is crazy! Even with a year or so of prior art!
Manager 2: Yeah, no kidding!
Manager 1: Let's try this one next. It's got 3 years prior art.
Manager 2: Wow! They accepted that one too! What morons!
Manager 1: Man...let's see just how crazy we can get here...let's go with 20 years prior art, and see if the dopes accept it!
Manager 2: LOL HAHA ROFLMAO! They took it! What planet do these guys live on?!?!
Re:perhaps my evil genius hat isn't working (Score:5, Funny)
(http://virtuallyshocking.com/)
M1: Alright, pay up.
M2: I can't believe this. (pays)
M3: Hey guys, 3 to 1 odds I don't get the patent on the 'long rectangular button which inserts a space character when pressed'. Who's in?
M1: $50 you don't get it.
M2: $200 for.
Re:perhaps my evil genius hat isn't working (Score:5, Funny)
Patent office employee: ok, granted!
Microsoft:
Patent office employee: NO NO NO I said granted!!
Microsoft:
Patent office employee: I SAID GRANTED!!
Microsoft: yeah but there was another pate...
Patent oggice employee: KNOCK IT OFF ALREADY!!! GRANTED YOU BIG-POCKET COMPANY!!!
Re:perhaps my evil genius hat isn't working (Score:5, Funny)
(http://www.quanterium.com/)
It would probably read more like:
But specifically, they'd be patenting C:\> .
Quick! Send in your prior art! (Score:5, Funny)
(http://www.bigtubresort.ca/)
Re:Quick! Send in your prior art! (Score:5, Funny)
(http://www.cafepress.com/lehk | Last Journal: Wednesday July 25, @12:50AM)
Re:Quick! Send in your prior art! (Score:5, Funny)
(http://www.arbitraryconstant.com/)
sudo rm -rf
Re:Quick! Send in your prior art! (Score:5, Funny)
(http://fennecfoxen.org/)
cat
Re:Quick! Send in your prior art! (Score:5, Funny)
(http://virtuallyshocking.com/)
Re:Quick! Send in your prior art! (Score:4, Funny)
(http://booktextmark.mozdev.org/)
ahem (Score:3, Funny)
Setuid? (Score:5, Insightful)
Re:Setuid? (Score:4, Informative)
(http://www.linif.org/)
Re:Setuid? (Score:4, Informative)
(http://trillian.mit.edu/~jc/ | Last Journal: Saturday August 14 2004, @05:03PM)
It certainly does. It verifies that the parent's uid has valid execute permission on the new program by comparing the owner and the x bits. This information is stored in the inode, which is in a filesystem (usually but not always a disk). A unix filesystem would certainly qualify as a "data store".
So unix systems have two different instances of prior art, the setuid (and setgid) bit, and the somewhat later sudo command.
Of course, the main question is whether anyone will be able to afford the effort to get this patent invalidated. Or will Microsoft be able to bankrupt anyone who tries?
I suppose IBM could decide that this is a challenge to the security setup in their aix and linux systems. They probably have the money to successfully fight this one. I don't think I do.
Proof of concept? (Score:5, Interesting)
(http://www.afn.org/~afn31208 | Last Journal: Saturday January 01 2005, @11:56PM)
Re:Proof of concept? (Score:5, Interesting)
Problem is, I have seen this unprivileged user, and its broken. A few years ago we split our NT accounts in the IT office I worked in into 'priv' and 'non-priv' accounts for each of us. Previously, our typical logins had all the admin privs to do whatever we needed on the workstation.
The plan was that we could use the win2k/xp version of 'su' (whatever it is called, I don't remember) to do things that needed elevated privs. IT DIDN'T WORK. Some of the child processes, for example, of burning a CD would spawn as your unprivileged context - meaning you couldn't burn a damn CD. You had to log out, and log back in with your priv account for a simple task like burning a CD.
I think its great how Microsoft steals ideas from other people (*cough*NIX), comes up with a totally frelled implementation that many times doesn't work - and then A) breaks the existing standards, B) goes off and patents the idea as their own or C) both
Perhaps Microsoft's division which is doing all this should simply be retitled "Patent Whores"
Re:Proof of concept? (Score:5, Informative)
(Last Journal: Thursday May 12 2005, @08:46PM)
A brief history of SUDO (Score:5, Informative)