Microsoft was told about ECL (Execution Control Lists) 12 years ago and still doesn’t get it!
Aug 24 / 03 column from I, Cringely | The Pulpit
“To answer your reader’s question,” says my buddy, who was once one of Microsoft’s larger customers, “one of the basic functions of an operating system is to run programs. There is a RUN API and the command line interpreter is simply an interface to the RUN API. Many viruses are sent through e-mail because it is easy to access the RUN API from an e-mail attachment. Our first suggestion was within e-mail to restrict the ability to run applications and interact with the e-mail system (post office, address book, etc). Only the e-mail client should be able to interact with the e-mail system. Only programs that have registered and authenticated user IDs [ought to be able to] independently interact with the e-mail system. There should be a way to manage and control the RUN API’s control by e-mail attachments.”
“Our second suggestion was at that point to improve the security of the RUN API. The operating system internals would also be registered as users. Legitimate OS functions could use the RUN API. The user could use the RUN API. Any registered and authenticated applications (no longer limited to e-mail) could use the RUN API. Anything else that attempted to use the RUN API would have to ask the user for permission, or would be prevented from working altogether.”