Hacker News new | past | comments | ask | show | jobs | submit login

It required attention to detail, from a sysadmin / desktop admin perspective, but it was definitely possible and paid dividends in users being unable to completely destroy machines like they could on the DOS-based Windows versions. I put out a ton of Windows NT Workstation 4.0 and Windows 2000 Pro w/ least-privilege users. It was so convenient to be able to blow away a user's profile and start w/ a clean slate, for the user, w/o having to reload the machine.



Yes, I ran that way on principle, and you could mostly make it work. But not really OOB. Registry ACL templates and etc, qualify for a real PITA.

UAC and the other magic on Vista/7 mollified that by a lot.




Consider applying for YC's Summer 2025 batch! Applications are open till May 13

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: