Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Patents Security

Microsoft Patents sudo 663

Jimmy O Regan writes "Justin Mason (of SpamAssassin fame) has this blog entry: US Patent 6,775,781, filed by Microsoft, is a patent on the concept of 'a process configured to run under an administrative privilege level' which, based on authorization information 'in a data store', may perform actions at administrative privilege on behalf of a 'user process'."
This discussion has been archived. No new comments can be posted.

Microsoft Patents sudo

Comments Filter:
  • Prior Art? (Score:5, Interesting)

    by aweraw ( 557447 ) * <aweraw@gmail.com> on Friday August 20, 2004 @09:01PM (#10029673) Homepage Journal
    So, I guess the prior art will be easy to show... right?
    • Re:Prior Art? (Score:5, Insightful)

      by Anonymous Coward on Friday August 20, 2004 @09:04PM (#10029690)
      Sure, if you have the USD500,000 to field the court case. Most people cave first.

    • by cbr2702 ( 750255 ) on Friday August 20, 2004 @09:04PM (#10029693) Homepage
      How? Everyone knows those Open Sores hippies stole everything anyways.
    • Re:Prior Art? (Score:3, Insightful)

      by rubz ( 719242 )
      Why would they patent something which has been around for years in the competition's OS? There's no way they can actually patent sudo...not on my watch.
      • Re:Prior Art? (Score:5, Insightful)

        by NanoGator ( 522640 ) on Friday August 20, 2004 @09:52PM (#10029973) Homepage Journal
        "Why would they patent something which has been around for years in the competition's OS? There's no way they can actually patent sudo...not on my watch."

        They can patent it just fine, all the USPTO has to do is not notice the similarity. It's when they get to court with somebody about it that the problem actually exists.

        I had to sound like an arrogant ass here, but maybe you should go work for the Patent Office? Not because it'd teach you a lesson, but because it is pretty clear that whoever approves these doesn't understand the area they're in. I mean, look how technical the patent is. Either the patent office picked up on a subtle nuance that makes it different from *nux, or they just didn't connect it with something it does already.
        • Re:Prior Art? (Score:5, Insightful)

          by The Kow ( 184414 ) <{moc.liamg} {ta} {pmantup}> on Friday August 20, 2004 @11:23PM (#10030384)
          Let's be fair, if you had to read these at the rate they do at the USPTO, then figure out exactly wtf all this double-talking techno babble means, eventually things would start blending together and crap like this would filter through. I thought it was generally accepted that the main problem is not that the USPTO people don't know what they're doing, it's that 1) the patent process has been turned from a means to protect innovation into a profitable business model, and nobody seems to want to stop it, and 2) the USPTO itself is understaffed.
          • Re:Prior Art? (Score:5, Insightful)

            by bit01 ( 644603 ) on Saturday August 21, 2004 @01:41AM (#10030850)

            USPTO itself is understaffed.

            It doesn't matter how well staffed the patent office is. It is humanly impossible for a government office to realistically assess all of human knowledge for prior art. To say otherwise is dishonest.

            More precisely the patent office examiners a liars if they can say with a straight face thay have checked all possible places for prior art on an invention they have never seen before. Only a scientist who has spent a lifetime working in a very narrow area can do this, and even then they make mistakes all the time. It is financially impossible for the patent office to employ a scientist in every narrow area. Just look at their understanding of even one area like software. Absolutely hopeless.

            In any case prior art is a necessary but not sufficient evidence of inventiveness.

            ---

            It's wrong that an intellectual property creator should not be rewarded for their work.
            It's equally wrong that an IP creator should be rewarded too many times for the one piece of work, for exactly the same reasons.
            Reform IP law and stop the M$/RIAA patent/copyright abuse.

            • Re:Prior Art? (Score:4, Interesting)

              by jonbryce ( 703250 ) on Saturday August 21, 2004 @04:29AM (#10031219) Homepage
              You could have a period where the public are allowed to submit objections to the patent.

              If someone objects on the basis of prior art, then the patent office could look and see if their complaint was valid or not.
              • Re:Prior Art? (Score:4, Interesting)

                by back_pages ( 600753 ) <back_pages@NoSpam.cox.net> on Saturday August 21, 2004 @10:12AM (#10032269) Journal
                You could have a period where the public are allowed to submit objections to the patent.

                This has been in place for several years. All patent applications are published in a pre-grant publication (PGPub) at most 18 months after they are submitted. This usually means that the application will be published but unexamined for 12-18 months, and usually published and not issued (or finally rejected) for about 24 months.

                There is a section of 35 USC which specifically enables 3rd parties (you) to submit (without editorializing or commenting) pieces of art that you think are applicable. While I haven't poured over this patent, I would have -definitely- looked at UNIX/Linux in excruciating detail while prosecuting it.

                Long story short - there is a system in place where you could have looked at this application while it was pending and submitted UNIX man pages or whatever. The fact is that nobody, nobody, nobody ever does this (except large corporations who pay people to do so against their competitors applications.)

          • Re:Prior Art? (Score:5, Insightful)

            by bleckywelcky ( 518520 ) on Saturday August 21, 2004 @02:32AM (#10030992)
            I think the USPTO's problem is that they've adopted a default 'innocent until proven guilty' mantra where all patents are valid unless proven otherwise. They need to turn their thinking around and adopt a default 'guilty until proven innocent' mantra where all patents are invalid until sufficient (or a certain amount of) time has been spent or research done to prove otherwise. If a patent application comes in for a supposed "computer/electronic technology" and some guy looks at it for a couple hours (days, weeks, etc), but doesn't know what he's looking at, how can he actually justify that this is a new, unique, novel idea by accepting the application? If a patent reviewer doesn't react with an "ah ha!, now that is interesting" that indicates he/she understands the topic and what is unique about the idea, then it shouldn't be accepted.
          • Re:Prior Art? (Score:5, Insightful)

            by msobkow ( 48369 ) on Saturday August 21, 2004 @03:52AM (#10031152) Homepage Journal

            Stop making excuses for the incompetent. We all have to pay for their screwups, and it's about freakin' time they were held accountable.

            Sue them. Sue them for your legal fees, your lost revenue, your lost potential revenue, damage to your corporate image, and anything else you can think of if you get caught in a bogus IP "lawsuit" by some vulture corp because of USPTO incompetence.

            If they can't do the job, don't do it. Let the backlog build up until industry screams and starts pushing for Congress to increase the budget. As long as you push incompetent crap through instead, the funding will never be increased because corporate America does not see just how much damage you're doing with your negligence at the USPTO.

            And believe me, it is emphatically negligance.

    • by commodoresloat ( 172735 ) on Friday August 20, 2004 @09:23PM (#10029804)
      It's a pseudo-patent.

      thanks, I'll be here all week....
    • maybe not so easy (Score:4, Insightful)

      by r00t ( 33219 ) on Friday August 20, 2004 @09:58PM (#10030003) Journal
      If the summary is correct, sudo doesn't count.
      At least, normal sudo use doesn't count.

      This looks more like a daemon that will accept
      commands to run. With sudo, you don't have a
      privileged process performing actions on behalf
      of a user process. It's a privileged process all
      by itself, plain and simple.

      Maybe xcdroast+cdrecord would count, if cdrecord
      is setuid and xcdroast is not. That's key. You
      have to have two processes, one of which is not
      privileged. Knowing the way Windows would likely
      do things though, a daemon may be required.
      • Re:maybe not so easy (Score:5, Informative)

        by Anonymous Coward on Friday August 20, 2004 @11:00PM (#10030291)
        If the summary is correct, sudo doesn't count.

        The summary is mostly irrelivant as to what legal protection the patent has. The legal protection comes from the part marked "claims". And if you look at claim 1:

        executing an administrative security process under the administrative privilege level;

        the administrative security process accepting a request from a user process executing under the non-administrative privilege level

        You need an "admin. security process" that is "executing ... under ... admin. priv. level".

        It, the "admin. security process" then needs to "accept request[s] from a user process".

        So, it's somewhat questionable if sudo would really block the claims. I'm sure if one were to send the patent office the sudo info, MS would argue that they have an "already running admin. process" that then actively accepts requests from other user processes.

        In any case, everyone here who's uptight about the patent, there's at least two things you can do. 1) you can collect together all your sudo data, and optionally if you want explain how you think it describes a system that operates the same as the claimed system, and send it to the patent office to be placed into the legal record of this patent. That's the low cost (or maybe no cost, check the patent office web site for details) option available for you. Or, 2) you can collect together all your sudo data, and explain carefully how you think it describes what the claims describe, and file with the patent office for what is known as a reexamination of the patent. Yes, that's correct, you, someone unrelated to either MS or the patent office, or this patent, can actually send in your information and ask that the patent office reconsider their decision. Again, check the web site for details. So, instead of belly aching about how bad a job the patent office is or is not doing, why not simply help them out by sending them the info you know about, and then they have a better chance of doing a better job. And who knows, you might actually get this patent killed in the process.

      • by no-body ( 127863 ) on Friday August 20, 2004 @11:25PM (#10030395)
        I don't think you are right with this. You're taking the word "process" too strict. I have not seen that it sasys in the patent that it needs to be a daemon.

        In the patent context it's hardly a OS process, more a "description of collected steps performing a defined functionality".

        If you think sudo does not count you're definitely incorrect. The sudo program is a process (performs defined steps) under an authorized level (setuid root) goes after privileges (grouped by user/computer/group/whatever) and allows or denies privileges.

        That's the patent.

        What M$soft does right now is write zillions of patents, no matter if they have previous art - they sure know it exists. Their straegy appears to be to get as many patents as possible and then one has to go to court to get it revoked. They got billions of $$'s in their war chest ant they are using it in this manner - one day we'll see how this turns out.

    • Re:Prior Art? (Score:5, Insightful)

      by hardcode57 ( 734460 ) on Friday August 20, 2004 @10:22PM (#10030106) Journal
      Who needs to prove prior art? Obviousness is also an impediment to a patent. Even if the existing prior art cited here doesn't quite match, the reaction of everyone on this page is that there must be some that does: a fairly good indication that practitioners versed in the art regard the idea as obvious.
    • Re:Prior Art? (Score:5, Informative)

      by mr_walrus ( 410770 ) on Friday August 20, 2004 @10:27PM (#10030142)
      the University of Waterloo had a similar concept
      with something called "suw"

      basically a su command that allowed authorized individuals to have
      their own root password. the root login account
      itself had unusable password.

      each authorized users suw password was of course kept in
      a "data store" (a private passwd style file)
      and logging of its usage was done to provide an audit
      trail.

      this is at least 16 or more years old.

      -k
      • Re:Prior Art? (Score:4, Interesting)

        by PW2 ( 410411 ) on Saturday August 21, 2004 @01:01AM (#10030742)
        More prior art: A co-worker of mine has a working application that runs as a priveleged user and is used to start and stop custom NT services after receiving RPC calls from a client application that we are using so that we don't need permanent admin access to start and stop the services. This was a result of Sarbanes-Oxley -- I miss the good access I had in 1999 when I was the DBA, sysadmin, developer, etc. Now I'm only the developer.
    • Re:Prior Art? (Score:5, Informative)

      by slacker775 ( 611528 ) on Saturday August 21, 2004 @12:40AM (#10030674) Homepage
      http://www.symark.com/powerbroker.htm Powerbroker is a sudo-like commercial app. It does a means to run as a daemon process in a client-server type environment to allow the configured policy to work between different systems. Googling on it turns up posts from the mid 90's so it's been around for a while.
    • Absolutely !! (Score:5, Insightful)

      by AftanGustur ( 7715 ) on Saturday August 21, 2004 @04:11AM (#10031186) Homepage


      So, I guess the prior art will be easy to show... right?

      Absolutely,
      however, if you want the prior art to have any legal meaning, you will have to affort a costly legal process with the evil empire's lawyers.

      You see, it doesn't matter so much who is *right* any more. It costs a awful lot of money just to have your case heard.

  • Oh, yeah (Score:5, Funny)

    by brilinux ( 255400 ) on Friday August 20, 2004 @09:02PM (#10029680) Journal
    So SU me!

    Probably redundant by now.
  • by halo1982 ( 679554 ) * on Friday August 20, 2004 @09:03PM (#10029687) Homepage Journal
    A computer such as a network appliance executes an administrative security process configured to run under an administrative privilege level. Having an administrative privilege level, the administrative security process can initiate administrative functions in an operating system function library. A user process executing under a non-administrative privilege level can initiate a particular administrative function that the process would not otherwise be able to initiate by requesting that the administrative security process initiate the function. In response to a request to initiate a particular function from a process with a non-administrative privilege level, the administrative security process determines whether the requesting process is authorized to initiate the particular administrative function based on information accessed in a data store. If the requesting process is authorized, the administrative security process initiates the particular administrative function. In this manner, the administrative security process facilitates access to specific administrative functions for a user process having a privilege level that does not permit the user process to access the administrative functions.

    So of course this is completely unenforcable...I wonder if they'll even try. What is the process to go about for getting this patent revoked?

  • by nonregistered ( 639880 ) on Friday August 20, 2004 @09:06PM (#10029704) Homepage
    man sudo >/dev/uspto
  • by account_deleted ( 4530225 ) on Friday August 20, 2004 @09:06PM (#10029707)
    Comment removed based on user account deletion
  • Setuid? (Score:5, Insightful)

    by chrispyman ( 710460 ) on Friday August 20, 2004 @09:06PM (#10029708)
    Wouldn't this patent also cover setuid, as that's a way you can have an app run under superuser privs for a regular user?
    • Re:Setuid? (Score:4, Informative)

      by LordWoody ( 187919 ) on Friday August 20, 2004 @09:27PM (#10029831) Homepage
      No, because set uid bit by itself does not validate the parent process/user against any data store like sudo command does (eg: against /etc/sudoers)
      • Re:Setuid? (Score:4, Informative)

        by jc42 ( 318812 ) on Friday August 20, 2004 @11:44PM (#10030476) Homepage Journal
        No, because set uid bit by itself does not validate the parent process/user against any data store

        It certainly does. It verifies that the parent's uid has valid execute permission on the new program by comparing the owner and the x bits. This information is stored in the inode, which is in a filesystem (usually but not always a disk). A unix filesystem would certainly qualify as a "data store".

        So unix systems have two different instances of prior art, the setuid (and setgid) bit, and the somewhat later sudo command.

        Of course, the main question is whether anyone will be able to afford the effort to get this patent invalidated. Or will Microsoft be able to bankrupt anyone who tries?

        I suppose IBM could decide that this is a challenge to the security setup in their aix and linux systems. They probably have the money to successfully fight this one. I don't think I do.

  • Proof of concept? (Score:5, Interesting)

    by Penguinoflight ( 517245 ) on Friday August 20, 2004 @09:06PM (#10029710) Journal
    I don't think I've seen a true unprivileged user under an M$ system yet. Everyone is talking about previous art, which is definitly around, but I'd say make M$ prove they actually understand sudo before you start complaining about "I saw it first."
    • Re:Proof of concept? (Score:5, Interesting)

      by horatio ( 127595 ) on Friday August 20, 2004 @09:29PM (#10029841)
      I agree. I also have to agree with an earlier post which mentioned punishing those who patent what they know already has prior art.

      Problem is, I have seen this unprivileged user, and its broken. A few years ago we split our NT accounts in the IT office I worked in into 'priv' and 'non-priv' accounts for each of us. Previously, our typical logins had all the admin privs to do whatever we needed on the workstation.

      The plan was that we could use the win2k/xp version of 'su' (whatever it is called, I don't remember) to do things that needed elevated privs. IT DIDN'T WORK. Some of the child processes, for example, of burning a CD would spawn as your unprivileged context - meaning you couldn't burn a damn CD. You had to log out, and log back in with your priv account for a simple task like burning a CD.

      I think its great how Microsoft steals ideas from other people (*cough*NIX), comes up with a totally frelled implementation that many times doesn't work - and then A) breaks the existing standards, B) goes off and patents the idea as their own or C) both

      Perhaps Microsoft's division which is doing all this should simply be retitled "Patent Whores"
    • Re:Proof of concept? (Score:5, Informative)

      by Bryan_W ( 649785 ) on Friday August 20, 2004 @09:32PM (#10029859) Journal
      I know you were trying to be funny but seriously, it is a feature of Windows 2000/XP all you have to do is shift + right click any executable and select "Run as..." or use the runas command from the command prompt. Sorry but I had to be fair to Microsoft.
  • by tao_of_biology ( 666898 ) <tao,of,biology&gmail,com> on Friday August 20, 2004 @09:07PM (#10029717)
    So, the patent is filed for August 10th, 2004... I checked out the history of SUDO page at: http://www.courtesan.com/sudo/history.html [courtesan.com] and it looks like SUDO dates back to 1980.

    In reading the patent, it does look pretty obvious that it's doing what SUDO is doing... I think this should be blown up with little effort.

    Is there any penalty for filing patents for which you KNOW prior art exists? If not, there definitely should be.

    • by Flower ( 31351 ) on Friday August 20, 2004 @09:34PM (#10029865) Homepage
      Bruce Perens brought this up in a previous patent article and I can't find the post atm. IIRC, it's a criminal offense to knowingly file a false patent. I would assume it falls under perjury. Of course, you don't see anybody actually being prosecuted for this.
    • $man su
      ...
      HISTORY
      A su command appeared in Version 7 AT&T UNIX.
      ...
      Version 7 was released in 1979.
    • Is there any penalty for filing patents for which you KNOW prior art exists? If not, there definitely should be.

      It ought to be fraud, and the patent examiner should be prosecuted as an accessory.
    • "Is there any penalty for filing patents for which you KNOW prior art exists?"

      Well, if the system worked, you would lose your filing fee without getting a patent.

      I strongly suspect that this is a reaction to the Eolas patent. Microsoft is now patenting *everything* they want to do. If the patent doesn't stand up due to prior art in the public domain, no problem: no one will be able to enforce that kind of patent *against* them either. If it does hold up, then they have prevented anyone else from paten
  • What Next? (Score:5, Funny)

    by Kandel ( 624601 ) on Friday August 20, 2004 @09:07PM (#10029718) Journal
    US Patent 6,775,786 : Filed by Microsoft : The concept of clicking a mouse button to perform a task.
    Closely followed by...
    US Patent 6,775,787 : Filed by Microsoft : The concept of intercourse to procreate.

    Seriously, what is the world coming to. Corporates such as Microsoft should not be allowed to patent bogus things like this.
    This is truly Capitalism at it's worst...what power have the US given these people!?
    • Re:What Next? (Score:5, Informative)

      by Mark_MF-WN ( 678030 ) on Friday August 20, 2004 @09:11PM (#10029733)
      This just hastens the end of the patent system. Seriously -- the American patent system is going to fall apart soon, and things like this are the reason.

      The underlying premise of patents will no doubt survive, as it makes a lot of sense in some areas (like engineering). But software and business process patents will probably disappear.

      • Re:What Next? (Score:4, Insightful)

        by maxpublic ( 450413 ) on Friday August 20, 2004 @09:40PM (#10029895) Homepage
        The underlying premise of patents will no doubt survive, as it makes a lot of sense in some areas (like engineering). But software and business process patents will probably disappear.

        And exactly what evidence do you base this assumption on? Corporations are patenting everything under the sun right now, *and getting away with it*. In fact, Congress is entertaining legislation that would further benefit such action.

        Seems to me they're doing a damned fine job of blowing potential competition out of the water, while fucking over the consumer, via the patent system. I don't see this changing any time in the foreseeable future, except for things to get worse than they already are.

        Max
      • Re:What Next? (Score:3, Insightful)

        by NanoGator ( 522640 )
        "This just hastens the end of the patent system. Seriously -- the American patent system is going to fall apart soon, and things like this are the reason."

        Soon? Nah. These patents aren't a problem until somebody actually starts using them to extort money. What's preventing that from happening is fear of losing in court. MS hasn't sued Palm over the double clicking of hardware buttons in PDAs, for example. Why? Because they're slow? Nah. Because they risk losing. Just a money pit at that point.

        F
  • by GGardner ( 97375 ) on Friday August 20, 2004 @09:09PM (#10029727)
    I can see missing prior work as prior art. But missing the famous setuid patent [uspto.gov] seems just silly.
  • History of sudo. (Score:5, Informative)

    by Skulker303 ( 11304 ) on Friday August 20, 2004 @09:10PM (#10029728)
    http://www.sudo.ws/sudo/history.html

    Prior art.
  • Thats it. (Score:5, Funny)

    by 0racle ( 667029 ) on Friday August 20, 2004 @09:11PM (#10029735)
    I'm not going to put it off anymore, I have an amazing idea and I'm off to patent it. Its a web based front end for system updates, see, it scans the system to determine what updates are needed, then only presents them to the user in such a way that they can see what updates are critical and which are just general enhancements. I'm going to make a mint.
  • by Saeed al-Sahaf ( 665390 ) on Friday August 20, 2004 @09:18PM (#10029770) Homepage
    I'm not really worried about patents like these because I feel that the whole patent issue is coming to a head, and that in the end, things will change. Silly patents will not even be contested in court, and many will be tossed out for sheer sillyness.
  • by hndrcks ( 39873 ) on Friday August 20, 2004 @09:19PM (#10029778) Homepage
    " the concept of 'a process configured to run under an administrative privilege level' which, based on authorization information 'in a data store', may perform actions at administrative privilege on behalf of a 'user process'."

    Hell, that sounds like Klez! [symantec.com]

  • by Roskolnikov ( 68772 ) on Friday August 20, 2004 @09:20PM (#10029781)
    msudo

  • by neiras ( 723124 ) on Friday August 20, 2004 @09:20PM (#10029782)
    The American patent system is so out of control, it's unbelievable. The companies that abuse the overworked, underqualified patent office to stack up dubious patents for future ammunition against competitors ought to be sanctioned!

    I don't have words to express how angry this IP grab makes me - and I'm not even an American! Did the Patent Office do any looking into prior art in this case at ALL?

    Whose brilliant idea was it to give corporations the same legal rights as an individual? I wonder if this kind of crap would happen if only individual inventors could apply for patents, whether or not they were funded by a company that paid for their research. Hell, make it illegal for companies to defend patents or fund the defense of their employees' patents - make it up to the inventor to go to court and defend themselves! Jail time if prior art is found!

    Research would still get funded, but only for the purpose of improving products, not for expansion of intellectual property portfolios.

    IANAL (obviously), I know these are probably stupid suggestions, but damn it, we need some extreme methods to match the extreme opportunism shown by these companies. Anyone else have other pie-in-the-sky, impractical ideas for changing the US patent system? ;)
  • by Mr. Cancelled ( 572486 ) on Friday August 20, 2004 @09:20PM (#10029787)
    Companies are getting rich by stealing the future inventions of people with these generic fucking patents. What are the odds that those who invented the patenting process actually envisioned it being twisted around and allowing people to patent ideas, and concepts, the like of which they themselves have no idea how to achieve.

    The idea of a patent is, or at least should be, to patent an invention. Not some task or distant goal which you can imagine some day being achieved, but are unable to currently achieve yourself.

    Imagine if Ford had been able to patent the automile in generic enough terms so that any motorized land vehicle was covered... Where would we be today Wine makers had patented the fermentation process before beer had existed?

    IMHO, patents should be for very specific inventions, and processes, which you have invented, and can accurately demonstrate at the time of patent request, and which of course didn't exist in it's current form prior to your invention

    The computer industry, and it's money sucking lawyers have been allowed to chisel away at the wording and verbiage of the patent laws to such an extent that you are now able to patent just about any idea/concept someone may have down the road. Just think about the stifling of innovation if those science fiction writers of the 50's had patented all that they foresaw.

    What makes me mad is that no one has yet come forward and shown prior artwork for a patent on lawyer wielding companies who make their money by exploiting the ideas and innovations of others through a series of generic and vaguely worded patents and threats. Perhaps then this whole mess would disapear.
    • Couple of points...

      1. There WAS a patent on the automobile, and it was the same deal - generic concept, lawyer/shell company demanding royalties on every car built. Henry Ford said "Screw You", took it to court, and won.

      2. I believe archaeology has shown beer predating wine.

      Other than these quibbles, point taken.
    • by whovian ( 107062 ) on Friday August 20, 2004 @09:48PM (#10029949)
      Companies are getting rich by stealing the future inventions of people with these generic fucking patents.

      I think many people have speculated this for a while: a business world governed by patents and licensing where individual incentive to create is effectively unlawful.

      This is why I think it's important to support open source, the GPL, and open scientific research.
  • by geraint-nz ( 214071 ) on Friday August 20, 2004 @09:22PM (#10029796)
    i'm sure 20 years ago ibm's dos/vse, vm and mvs used to do this to allow an ordinary user to run one program which required the services of another so could invoke the other program to run with elevated priviledges. the priviledges were associated with the program not the user.
  • Exploits. (Score:5, Funny)

    by Daleks ( 226923 ) on Friday August 20, 2004 @09:24PM (#10029815)
    I think MS has prior art on this one. Their programs have been executing at a higher than normal privilage level for awhile.
  • by 3seas ( 184403 ) on Friday August 20, 2004 @09:25PM (#10029818) Homepage Journal
    Personally I hope the Patent office continues granting MS patents that have such prior art ---- two things will happen -- 1) it makes the patent office look to be a joke and can be used in court against patents in general and 2) makes MS look to be even more a fool seeings how they really should know better then to file such patent applications for such prior art stuff in software...
  • by chipwich ( 131556 ) on Friday August 20, 2004 @09:26PM (#10029827)
    Although it's easy to view this patent as a frivolous innovation that will probably be overturned (eventually) if MS chooses to pursue action against competitors, the danger is in the precedent that is continually being set by the USPTO. By failing to adequately examine the concepts behing these obvious patents (eg, running a process authorized by root, single/double/triple clicking a mouse, etc.), our patent system is perverted into one where the burden falls on new inventors to prove that their innovations do not infringe on patents, rather then a system where the burden falls on patent-holders to prove that their IP has been infringed upon.

    This strategy may work in the US, where we can simply put the inventor^h^h^h^h^h criminals in jail (note that the US already has among the highest incarcerated population %-ages), but it probably won't hold up well against the rest of the world, especially the parts that don't think the USPTO is the last word. Unless we can start to incarcerate a larger percentage of the world's population for infringing on US IP, this strategy may not prove to be sustainable.

    Perhaps corporate sponsorship of prisons facilities would help make this strategy a winner...

    • Unless we can start to incarcerate a larger percentage of the world's population for infringing on US IP, this strategy may not prove to be sustainable.

      *Dons tinfoil hat*

      I believe there are a number of influential men in the US that want to do exactly that.

      They call it a "Free Trade Agreement"

      Cheers
      Stor
  • My Theory (Score:5, Interesting)

    by TheSpoom ( 715771 ) * <slashdot@@@uberm00...net> on Friday August 20, 2004 @09:30PM (#10029851) Homepage Journal
    My theory is that Microsoft is patenting all these things so they can use it as part of a marketing campaign to PHBs when Longhorn comes out. Something to the effect of, "Why take the risk of running Linux when we own the patents on everything they use?" I know a few people it would convince pretty easily... Tis all FUD.
  • Patent Sex (Score:5, Funny)

    by suwain_2 ( 260792 ) on Friday August 20, 2004 @09:33PM (#10029862) Journal
    A friend and I resolved a while back that we should file a patent for A protocol for expansion of the human race, and essentially describe the process of sexual intercourse in extremely vague terms.

    After taking over all the porn sites in the world, we could start suing parents across the nation.

    In fact, you should really just give me $699 today if you plan on having sex any time soon. The license is good for a whole year! (But only for one partner.)
  • by iive ( 721743 ) on Friday August 20, 2004 @09:33PM (#10029864)
    It's an old news, but I wonder have slashdot crowd found out this patent:

    http://appft1.uspto.gov/netacgi/nph-Parser?Sect1=P TO2&Sect2=HITOFF&p=1&u=%2Fnetahtml%2FPTO%2Fsearch- bool.html&r=1&f=G&l=50&co1=AND&d=PG01&s1=200301895 97&OS=20030189597&RS=20030189597 [uspto.gov]

    The most interesting part is the images. There you can actually see the Gnome logo. (There is an extra karma bunus for the first who find the KDE logo;)


    So Microsoft have already begun patenting Linux.
    It is true that M$ cannot buy GPL code, but it can buy the coders.

    Now, guess what will happen after the fiaSCO is over.
  • by HangingChad ( 677530 ) on Friday August 20, 2004 @09:35PM (#10029873) Homepage
    MSFT intends to patent a switch or button on the front or side of the machine that causes power to be restored to the machine if it is not currently operational and to cut off the power if the machine is operational

    And people say MSFT doesn't invest in R&D. Brilliant!

  • I don't think there's an out this time. Usually, when you get posts saying "Microsoft patents clicking!!" there's usually something in the patent that says "clicking on an icon by using a joystick, underwater, over the internet" or something ridiculous that means the patent doesn't have prior art, but the idea itself does, and will probably be used to try and stretch the patent as far as the courts will let it.

    But this time, it looks like they are doing exactly what sudoes. Maybe finally all the anti-Slashdot-stereotype trolls will be wrong.
    Here's my read:

    CLAIMS:

    1. Processing a request from a non-admin user to do admin tasks. check.
    2. Determining if the user can do such a request. Check.
    3. Checking a data source to do #2. Check. (etc/passwd, others)
    4. Checking a data source to see which one of many admin tasks the user can do. This might be a bit iffy, because I'm not incredibly familiar with sudo. I would assume it's possible to restrict the usage of sudo for different tasks, and if so, Check.
    5. Multiple users. Check.
    6. Groups. Check.
    7. Using it for Methods. I think the Linux kernel might allow only certain system calls to be done by an administrator. If so, check.
    8. Groups for #7. Check-maybe.
    9,10. Combining classes and methods. Here it seems they get really specific, and it doesn't look like they define "class" or "method." Maybe.
    11-13. Passwords. Check.
    14-23. A computer to do the above. Check.
    24-34. A security framework to do the above. Check.
    35-49. Doing it over a network. Check. Now, here, a network seems to involve "hyperlinked documents creating a user interface." Certainly this idea is older than 2000. Check.
    50-62. Again, having a computer to do 1-49.
    63-end. Yeesh. Having a computer to do everything from 1-62. I guess they are covering every single combination.

    So there's the claims. There's nothing in there that sudo really doesn't do, because I think the vauge language MS is using can be applied to a lot of different methods of unix-style security.

    So who's going to care? No one, especially not at the Patent Office.

    --Stephen
  • by millert ( 10803 ) on Friday August 20, 2004 @09:48PM (#10029951) Homepage
    What an auspicious start. Maybe M$ will decide to patent some of the new features [www.sudo.ws].
  • by Flower ( 31351 ) on Friday August 20, 2004 @10:04PM (#10030033) Homepage
    There are 75 claims to the patent. I almost got to claim 30 before I had the urge to reach for my bhong or pray for a flashback. Skimming through the rest of the claims I did note that they include claims for network connected devices.

    Onto the description which is not as sound as commenting on the actual claims but at least provides an idea of what they want to patent. First thing to note is they are once again on the appliance angle. They aren't discussing a PC. They're discussing an XBox or NAS.

    Now hitting the Detailed Description, here is where they slide in that the patent can cover general purpose PCs. Lots of discussion about Web-based administration. So it's not just sudo but Webmin+sudo.

    If anyone wants to take this to the next level go for it. I did my best to RTFP and this is as far as I think I'm going to take it. It was kinda cute to note how general things were in the patent e.g. "data store" that can cover the registry or a text file but there are other things to read tonight.

  • Claim seems valid (Score:4, Insightful)

    by SiliconEntity ( 448450 ) on Friday August 20, 2004 @10:22PM (#10030114)
    You guys are all wrong. Here's the text of claim 1. Read it carefully.
    1. In conjunction with an operating system configured to limit access privileges in accordance with defined privilege levels, said privilege levels including at least an administrative privilege level under which a plurality of administrative methods can be initiated and a non-administrative privilege level under which at least one of the administrative methods cannot be initiated, a method comprising:


    executing an administrative security process under the administrative privilege level;

    the administrative security process accepting a request from a user process executing under the non-administrative privilege level to initiate a particular administrative method, the user process calling the administrative security process with parameters comprising (a) an identification of the particular administrative method and (b) arguments to be provided to said particular administrative method; and

    the administrative security process calling the identified particular administrative method on behalf of the user process and providing the arguments to said identified particular administrative method.
    What this is describing is a proxy process (it very specifically says process) running as root/admin which accepts RPCs (remote procedure calls) for privileged operations, and then makes the call as root, on behalf of the user.

    That's not what su or sudo do (say that five times fast). They use no separate root process waiting to receive and proxy privileged calls.

    The patent specifically says that the request comes from a non-root user and goes to a root process; that the data sent across particularly describes an OS call and its arguments; and that the root process makes that precise call on behalf of the user.

    Now, I'm not going to claim that no one has ever done this in the history of the universe. But it's not what sudo does, and the RPC based utilities that I can think of don't fit this exact pattern.
    • Re:Claim seems valid (Score:5, Interesting)

      by sploo22 ( 748838 ) <dwahler@gm a i l . c om> on Friday August 20, 2004 @10:54PM (#10030265)
      I can certainly see how this could apply to sudo.

      executing an administrative security process under the administrative privilege level;

      bash forks/execs the sudo process, which gains root privileges through the setuid bit.

      the administrative security process accepting a request from a user process executing under the non-administrative privilege level to initiate a particular administrative method

      The request is passed on the command line and accepted by sudo.

      the user process calling the administrative security process with parameters comprising (a) an identification of the particular administrative method and (b) arguments to be provided to said particular administrative method; and

      Now, this depends on your definition of a method. If an executable program counts as one - and it should, as most administrative tasks under UNIX use separate commands - then this fits perfectly.

      the administrative security process calling the identified particular administrative method on behalf of the user process and providing the arguments to said identified particular administrative method.

      Sudo execs the requested program. QED.

      The thing is, the patent doesn't specifically say the privileged process has to handle multiple requests. Sudo DOES run in its own process before it transfers control.
  • by Elwood P Dowd ( 16933 ) <judgmentalist@gmail.com> on Friday August 20, 2004 @10:44PM (#10030210) Journal
    A bunch of comments here are exclaiming that

    1) This patent is identical to sudo! Prior art!
    2) Microsoft will use its patent on sudo to attack Linux.

    Obviously both statements cannot be true. If Microsoft ever attempted to enforce this patent on distributors & users of sudo or a sudo-like device, they would have no case. They would have proven that the patent is invalid, because the product that they are attempting to block is considerably older than the patent.

    1) This is like sudo, but different enough to merit a patent.
    2) Microsoft will never attempt to enforce this patent on something that is older than the patent.

    And I don't even have to read the patent. Keep in mind that "different enough to merit a patent" is barely different at all. Even the dumbest programmer does 200 patentable things per day. If you're the first person to do any of them, you can file. If you're the second person to do any of them, you're liable. That's the problem, not that Microsoft has gotten away with patenting some existing feature of Unix (and Windows, for that matter).
  • Open Patents (Score:4, Interesting)

    by deathcloset ( 626704 ) on Friday August 20, 2004 @11:23PM (#10030387) Journal
    Wondering.

    This "prior Art" of which everyone is speaking.

    Would it apply to a full-form patent application posted publicly?

    Meaning, if I present here the idea of a type of list-browsing method where the user is presented with newest added or scanned items inserted into the next selected cursor position in an updateable or actively updating list as they browse arbitrarily sorted or ordered items or values, that this declaration itself constitutes prior art (if, theoretically, the language was legally sound)?

    Even if it's not prior art it's still a good idea huh?

    I digress.

    Is the concept of an "open patent" even applicable legally? I hope so, because I have some ideas that I would like to open up (and I have the feeling i'm not the only one).

    It would be great, having this huge database of ideas that any designer or engineer could feel free to impliment or incorporate or merely look into for inspiration.

    Competition is good in practice, but cooperation is better in play.
  • by jonabbey ( 2498 ) * <jonabbey@ganymeta.org> on Saturday August 21, 2004 @02:29AM (#10030981) Homepage

    It really angers me that anyone should get patents on such an obvious thing.. how in the world can the USPTO possibly pretend to know that no one in the world of software has ever done this before? Software differs from making airliner parts, in that anyone with a computer has all the pieces required to produce any piece of software they can think of. There have been probably millions of programs written over the last 50 years, and since software wasn't considered patentable during the vast majority of that time, there's an enormous corpus of prior art that should rightfully be extremely difficult to discount.

    When the average cost of patent litigation is on the order of $3 million dollars, it's way too much to Microsoft's advantage (yes, even taking the Eolas patent into account) for the USPTO to allow any but the most extremely novel software patents to be granted.

    Gah!

  • by Secrity ( 742221 ) on Saturday August 21, 2004 @05:02AM (#10031266)
    Software patents are turning the USPO into a laughing stock. I can understand the USPO not being able to thoroughly examine patents for some esoteric science. Sudo is not an esoteric science. If the USPO is going to issue software patents they should have somebody who knows something about software. This sort of patent should have been caught by anybody who has any knowlege of Unix-like operating systems.

Some people manage by the book, even though they don't know who wrote the book or even what book.

Working...