Someone:
> > Well-designed security isn't just 1 'thing'. It's like a
> > bank safe-deposit box, You have secure-cams taping everything, you
> > have guards on duty. You have the boxes require 2 keys - owner and
> > banker. At night guards are put 'on call' and replaced with the
> > safe-deposit boxes being in a large foot-thick steel vault. And
> > perhaps more than one motion detector. A good OS has at least as many
> > redundant features. Perhaps none is perfect but each has a probability
> > of failure. Failure pr breaking of one security component should not
> > lead to failure of another. Then the chances of getting in are
> > reduced by multiplying chances of failure (fractions) resulting in lower
> > and lower odds of a complete compromise.
On Mon, May 08, 2000 at 03:03:47PM +0200, Igmar Palsenberg wrote:
> Ugh.. Had to read that 4 times..
>
> But yes, the physical security is also of importance...
I don't think Foo was discussing physical security. In his metaphor,
everything was physical, so he's not noting that physical access is
something we should consider -- we _know_ that. Within his physical
system (an example of a well-designed security mechanism), there are
several layers to providing security. Ownership of a {key,root shell}
shouldn't imply complete and total access.
The equivalent of the time policy, banker's key, security guard, and
vault wall are something we (not meaning LKML) should work on.
- chad
-- Chad Miller <cmiller@surfsouth.com> URL: http://web.chad.org/ "Any technology distinguishable from magic is insufficiently advanced". First corollary to Clarke's Third Law (Jargon File, v4.2.0, 'magic')- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Mon May 15 2000 - 21:00:11 EST