Date:      Sun, 11 Feb 1996 14:34:09 -0700 (MST)
From:      Terry Lambert <terry@lambert.org>
To:        jkh@time.cdrom.com (Jordan K. Hubbard)
Cc:        julian@ref.tfs.com, terry@lambert.org, KentH@HNS.St-Louis.Mo.US, current@FreeBSD.ORG
Subject:   Re: FS PATCHES: THE NEXT GENERATION
Message-ID:  <199602112134.OAA18761@phaeton.artisoft.com>
In-Reply-To: <29631.824002635@time.cdrom.com> from "Jordan K. Hubbard" at Feb 10, 96 05:37:15 pm

> > I put it to you that security of devices is such an important thing
> > that you don't want persistence of device ownerships
> 
> I put it to you that security of devices is such an important thing
> that you definitely want persistence of device ownerships.

You two are using "persistence" differently.

Julian wants assurance that settings made by an administrator that
are different from distribution defaults are affixed to the devices
on a permanent basis.

Julian worries that a simple rc/rc.shutdown mechanism will cause a
hacker's changes to persist across boots.


Jordan wants assurance that the familiar mechanisms an administrator
currently uses will continue to work, in order to grandfather older
administrative frameworks that might have already been built up over
time by existing installations.

Jordan does not take note of the fact that the system cannot distinguish
between an administrative change and a change by a hacker who has
gained administrative level privileges.  In such a situation, user
level security is no security.


I would prefer that the allowable changes to a device be on a per device
basis, with administrative template override, either programmatically or
by way of an annoying-because-it-is-not-chmod-or-chown user interface
that must only ever be used once (or once per site policy change, not
a frequent occurrence).

In large part, I agree with Julian; I only disagree on implementation
details.  Since both Julian and I don't have code for our proposals,
our differences are moot.


					Terry Lambert
					terry@lambert.org
---
Any opinions in this posting are my own and not those of my present
or previous employers.


