From owner-freebsd-hackers Mon Jan 22 07:31:32 1996 Return-Path: owner-hackers Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id HAA20616 for hackers-outgoing; Mon, 22 Jan 1996 07:31:32 -0800 (PST) Received: from labinfo.iet.unipi.it (labinfo.iet.unipi.it [131.114.9.5]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id HAA20555 for ; Mon, 22 Jan 1996 07:30:16 -0800 (PST) Received: from localhost (luigi@localhost) by labinfo.iet.unipi.it (8.6.5/8.6.5) id QAA05440; Mon, 22 Jan 1996 16:27:14 +0100 From: Luigi Rizzo Message-Id: <199601221527.QAA05440@labinfo.iet.unipi.it> Subject: Re: Security (was: Re: Two commands: icat and ils) To: imp@village.org (Warner Losh) Date: Mon, 22 Jan 1996 16:27:14 +0100 (MET) Cc: hackers@freebsd.org, dworkin@rover.village.org In-Reply-To: <199601221358.GAA29324@rover.village.org> from "Warner Losh" at Jan 22, 96 06:57:49 am X-Mailer: ELM [version 2.4 PL23] Content-Type: text Sender: owner-hackers@freebsd.org Precedence: bulk > : Why ? Security must be enforced with proper protections, not by > : simply trying to hide information which *is* available. > > The standard reason that is given is that it bypasses all file system > checks... However, you need to be root to run it, so maybe that isn't > such a horrible thing. exactly. Also, you already have more powerful tools like "cat" and "rm" to peek at people's data or destroy information. Luigi