Debian User Forums

You don't have to do anything with networking / kernel parameters / firewall / ETC since the abstraction layer takes care of it for you and uses the NT kernel stuff that you are already using - meaning you only have to worry about settings on the "host" machine instead of on both, and the passthroughs ETC. The few caveats about full filesystem access are due to not YET having a full translation of UNIX ATTRs to the NTFS ATTR system ( which can have as fine a grain control, and in some cases finer control as Linux / UNIX ). You just need to make sure the application binaries don't have security issues, and you do that by making sure they are fully patched and up to date.

MS is stuck in an unfortunate cycle. Windows can be locked down for users just as much as Linux / UNIX can, it just isn't by default due to inertia - Dos / Windows 9x wasn't meant to be a multi-user OS, but that is what pretty much the world at large learned on, so when NT came out it had to be nearly the same... and then those that learned on the less restricted NT got used to it being almost unrestricted ( I.E. always running as admin ) they were reluctant to go to a more restricted account ala what started with Vista and UAC. A big part of the problem is with almost all the software written prior ( and some after ) to vista expects to run as administrator, which is actually against the specs of what MS wanted.