Re: Proposal "LUID"

From: Andrew McNabb (amcnabb@argus-systems.com)
Date: Mon Apr 17 2000 - 20:48:04 EST


On Mon, 17 Apr 2000, Alan Curry wrote:

> I always wonder what the procedure is for upgrading the kernel on these
> hyper-secure machines. Whoever has permission to do that can do anything he
> wants.
>
> "Root is God" is not just unix tradition, it's an inevitable reality. And if
> what they want is a system on which administration must be done at the
> console, take windoze... please. We don't want it.

Wrong! Just because you've never used a decently secure system doesn't
mean that they're impossible. On a secure computer, the only reason for
an all-powerful root is system administration (and even most sysadmin work
doesn't need it). If you want to make sure that your box is rock-solid,
it's a minor sacrifice to have to do certain tasks on a console. And if
for some reason it is slightly more than inconvenient to use the console
(perhaps physical reasons, or maybe you want to change stuff a lot), you
can easily set up the system so that certain network interfaces (or
virtual ones a la SSH) are allowed to have users upgrade themselves to
an all-powerful root. Even in this case, what is happening is that the
administrator is given a full set of capabilities; there's still no root
account. And from any other interface, it is absolutely impossible to
become all-powerful.

You go ahead and play with Windows, and I'll continue to use my
Solaris + Argus server that can _only_ be messed with by a small handful
of on-site computers. The only thing that can be done to our system is to
steal an individual's mail files by stealing their password and getting
their files through SSH or IMAP/SSL.

Just because you're used to insecurity doesn't mean that it's inevitable.

----------------------------------------------
                Andrew McNabb
             Argus Systems Group
          amcnabb@argus-systems.com
----------------------------------------------

This archive was generated by hypermail 2b29 : Sun Apr 23 2000 - 21:00:12 EST