>From: John Galt [mailto:[EMAIL PROTECTED]]

>delete. You're missing a large point here: root doesn't have to have RWX
>access on everything to be able to do their job, -WX may do the trick.

So, root does not need total file access in order to do some subset of functions which you, or the NSA, consider "their job." Who, pray tell, set up those permissions? (hint: root) I believe that an administrator account with such limited permissions is a very good idea on a large-scale or multi-admin machine. In an ISP, for instance, your grunt sysop is neither trained nor absolutely trusted. But someone has to be able to administer *that* account too, so I still assert there should be a Root As God as final arbiter, to install the key-sig software, intrusion detection, etc.

>No, DOS taught us how to allow for a system to be compromised at the drop
>of a hat.

Interesting. Physical compromise is not at issue, because a machine which is physically compromised is merely a matter of time before it is broken. It is my impression we (all) agree on that.

>>If you cannot trust root, don't use that machine for anything you want
>>to be secure.
>Probably a good dictum, but not really feasible in most cases. Do you
>trust your ISP? They have root on the system that forwards mail to you...

Quite right. Luckily, there are ways to secure specific functions, such as PGP'd email, ssh for remote login, https for document viewing and forms, IPSec for datastreams, etc. The commodity internet cannot ever be considered secure. Had people only ever used terminals on shared servers, such as the IBM, DEC, Unix "mainframe" model, I believe we would have better individual user tools for security against root. Single user machines, thus my comment about DOS, give the impression of end-point security.

>Win 3.0 was broken and unusable, you know that?

Unusable? Then I seem to have been able to do the impossible. It certainly did not work well, but "unusable"? Hmmm...

>Win 3.X is the last system that had hardware requirements based on
>objective criteria and allowed the system control that you lauded in your
>main email.

I'm glad the theoretical considerations were able to be communicated; I do wish you had added your reservations and elaborations rather than using the absolute negative "No."

> Win 95+ started doing things for you, and NEVER does them the
>way they should be done. Perhaps it just takes longer to do things
>right...

I think the distributed effort of the open source projects, while chaotic so that key-strokes will not always be consistent (so what?), does allow for people to use the systems that give them the least astonishment. And, best of all, if someone realizes how they "should" be done, they can advocate it to someone who really can make it a reality. Unlike arguing for something during "Face Time" with Bill.

I was able to limit Win95, after lots of experimenting, to three running "services" and relative un-hackability. But it was a single user machine, and the keyboard was God. An object lesson in choosing a good PGP pass phrase.

>void hamlet()
>{#define question=((bb)||(!bb))}

Ummm....I believe that parses as b^2, not b*2... :^)

>Who is John Galt? [EMAIL PROTECTED] that's who!

http://www.lfcity.org/

Curt-