On Fri, Feb 17, 2006, Omer Zak wrote about "Helping Linux move into business:
FireFox vs. IE":
>...
> However, when business grows beyond the 5-people stage and needs its own
> sysadmin and system administration policies, it becomes necessary for
> the sysadmin to be able to lock down workstation configurations and
> setups, to prevent them from being changed by clueless users.
> Otherwise, the sysadmin will be confronted by security vulnerabilities
> and headaches due to having to clean up after the clueless users.
So far, this sounds true, but...
> Turns out that IE has configuration options, which allow the sysadmin to
> lock down various features. When those options are set, users can be
> prevented from changing home page, or making various configuration
> changes. On the other hand, FireFox does not currently have those
I completely fail to see the relevance of this paragraph to the previous
paragraph. How does changing the homepage constitute a security vulnerability?
Reminds me of an interview I read with a computer-security officer in the
army. He boasted on how he caught some officer viewing porn on his laptop.
As laudable as this is ("porn is bad", etc., etc.), this is not the security
risk that this guy was paid to find. If anything, he should have found
someone who has a trojan horse which he thought was benign porn, but was
really a trojan horse. But he didn't find anything of this sort.
> options (maybe, the only thing which can be done is to make the
> configuration file in user's home directory root-owned and read-only by
> the actual user).
This is indeed an option, although the smart user will just do something
like
HOME=$HOME/NosYsadminControlsThis firefox
letting him run firefox in a clean "home" where he can write what he wants.
If you're more paranoid, you have the user's entire system (including his
home directory and /tmp) cleared when he logs out. Or just mount the entire
disk from a remote server and have no disk on the system.
But again, you have to ask yourself: is this really about "security", or
about giving the users the feeling that they can't do what they want?
Somehow, free software hasn't been a big fan of giving the users the feeling
that they can't do what they want....
> Given the flexibility of Free Software, I am almost sure that there is a
> way to selectively lock down FireFox configurations, only that it is not
> widely known. Same - for other Free Software packages.
Again, what prevents the user from changing HOME and running with a non-
restricted configuration, or from installing a standard version of FireFox?
Or do you also plan to run some sort of restricted-shell and a kernel
module that prevents the user from running unauthorized binaries, or something?
> 1. Build a checklist of the needs of sysadmins in 10-person businesses.
I think such a business should have a simple way to recover a messed up
system (quick reinstallation, or using NFS for most of the files, or backups,
etc.) rather than thinking of ways to limit users from messing up in the
first place. Messups will always occur.
> people as well as non-trustworthy workers (think about receptionists who
> work there by the hour).
How about giving these non-trustworthy workers any terminal (Linux will
do just fine), but put the "important" applications as Web applications,
and have the workers use them in their browser. This will only allow the
workers to use these applications as you want (and as their perwords allow),
but will still allow them to configure their terminal to do what you want
(e.g., put a digital clock on the screen instead of an analog clock, etc.,
and even, god forbid, change their browser's home page).
--
Nadav Har'El | Sunday, Feb 19 2006, 21 Shevat 5766
[EMAIL PROTECTED] |-----------------------------------------
Phone +972-523-790466, ICQ 13349191 |I am the world's greatest authority on my
http://nadav.harel.org.il |own opinion.
=================================================================
To unsubscribe, send mail to [EMAIL PROTECTED] with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail [EMAIL PROTECTED]
