Date: Tue, 28 Oct 2003 13:56:37 -0800
From: Johnson David <DavidJohnson@Siemens.com>
To: Timo Sirainen <tss@iki.fi>
Cc: advocacy@freebsd.org
Subject: Re: Friendly and Secure Desktop Operating System
Message-ID: <200310281356.37268.DavidJohnson@Siemens.com>
In-Reply-To: <1067374359.15026.126.camel@hurina>
References: <200310281533.26611.dgw@liwest.at> <200310281129.10669.DavidJohnson@Siemens.com> <1067374359.15026.126.camel@hurina>

On Tuesday 28 October 2003 12:52 pm, Timo Sirainen wrote:
> Well .. I don't actually believe DoS to be much of a security problem
> in desktop systems.

This does happen to be a FreeBSD list. I'm using it on my workstation and home desktop. I've installed it as a server in a lab. My coworker runs his website off of it. I know other people who run their websites off the same system they use for a desktop. The problem with modern operating systems is that they are general purpose, and can be used in a variety of situations.

> Of course it's better to try to prevent them, but I don't think it's
> really possible without getting on the way of user.

All security gets in the way of the user. A friend of mine tried Linux then went back to Windows because he found the concept of having to log in very inconvenient. The trick is to balance the inconvenience of the user with the security of the system. That means you can't have a perfectly secure system which will be usable. You have to make some tradeoffs. It's hard deciding what to give up.

> Operating system MUST prevent malicious software from:
>
> - Modifying or erasing sensitive data
> - Transferring sensitive data out of your system
> - Affecting other software in any way

How do you know it's "malicious" software? Crack that problem and the Nobel Prize for Computing is yours! Is the software writing to the first sector of a drive malicious, or merely a utility being run by the administrator to prepare a partition for dual boot?

> > Here's another: "Word Processors... No privileges needed." Those
> > who ignore the lessons of history are doomed to repeat them.
>
> Oh? What privileges does it need then? My idea of a word processor is
> that it should be able to read and write document files with it,
> nothing else. I already described the open/save file service for
> that.

I was thinking of two things. First, a whole slew of MSWord exploits. Second, an observation made by JZW (I think) that says all software expands until it eventually becomes a mail client. Implicitly trusting a class of applications just because they are word processors is dangerous. The problem is that your idea of a word processor might not be universal.

Have to run now. But go grab the book "Secure Coding", published by O'Reilly. It's a new one. Well worth it.

David