Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 6 Oct 1999 12:25:15 -0700 (PDT)
From:      Matthew Dillon <dillon@apollo.backplane.com>
To:        Joe Abley <jabley@patho.gen.nz>
Cc:        "Daniel C. Sobral" <dcs@newsguy.com>, Conrad Minshall <conrad@apple.com>, FreeBSD Hackers <FreeBSD-Hackers@FreeBSD.ORG>
Subject:   Re: Apple's planned appoach to permissions on movable filesystems
Message-ID:  <199910061925.MAA87484@apollo.backplane.com>
References:  <199910052119.OAA24627@scv1.apple.com> <l03130303b420f0176999@[17.202.43.185]> <37FB5A53.3E016EFA@newsguy.com> <19991007073435.A20998@patho.gen.nz>
next in thread | previous in thread | raw e-mail | index | archive | help 
:Show me a disk that's _not_ removable. By your logic we would have _no_
:sguid/sgid binaries _ever._
:
:Physical access to a machine is always a security risk. Why would you
:treat easily-removable media any differently to slightly-harder-to-remove
:media? You still need to break into the vault to remove them.
:
:Joe

    Well, I don't think this is a very fair argument.  There are plenty of
    situations where you might want to differentiate, even with physical 
    access.

    For example, take PC's in a library.  Lets say that the PC's get all
    their critical stuff via read-only NFS mounts, but the library wants
    to allow people to import and export files via the floppy drive.  In
    this example, there is a very definite distinction between a filesystem
    on the floppy drive and 'everything else'.

    Even when you throw a hard drive in, just because someone has physical
    access to the outside of the machine does not necessarily mean that
    he has physical access to the inside of the machine.  Take, for example,
    a supervised machine or machine which is 'locked down' and has a bios
    password installed.  

    While it is certainly true that a person could eventually get physical
    access into the machine, it is a significantly more difficult task and
    therefore a significant distinction still exists between the data stored
    on the hard drive and stored in, say, a floppy.

					-Matt
					Matthew Dillon 
					<dillon@backplane.com>


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199910061925.MAA87484>