Re: sudo without password
- From: Luis <lemsx1@xxxxxxxxx>
- Date: Fri, 9 Jun 2006 13:40:12 -0400
On 6/9/06, ubuntu@xxxxxx <ubuntu@xxxxxx> wrote:
[snip]
As I recall, UNIX specifically chose its current security model because
the more secure ones (like access lists) required far more time and
effort, and therefore are more likely to have holes left by the operators.
Good to know this historical fact.
[snip]
I just tried Ubuntu for the first time with the release of Dapper,
and I was rather surprised it did not install a host-firewall by
default. I understand Ubuntu's take of "we don't install anything that
listens", but that quickly falls apart when the user starts installing
things like NFS that require portmap, for instance.
Ubuntu seems to be taking the Debian approach of "We're doing things
minimally, so if you install something insecure, it's your own damn
fault." As a distro targeted at desktops, I'd like to see Ubuntu be a
bit more forward-looking. A veteran sysadmin has no problem with the
Debian way, but a novice desktop user probably does. And a novice
_will_ install those security-problematic packages. One of Windows'
major problems is users installing every silly program, widget,
screensaver, or other stupidity that they run across on-line, each of
which installs another piece of adware, spyware, or trojan. Eventually,
the system simply becomes unusable. Just because the user is now trying
out Linux doesn't mean they've kicked that habit.
I like the MacOS X approach in this manner. Install a firewall that's
integrated with the known packages that listen for known ports.
Essentially, when you go to open/close a port in your firewall, it
allows you to add your own custom ports, and in one list allows you to
quickly check/uncheck the ports that are already listening in your
system. It works the other way around as well, installing a new system
assumes that you want that system to listen for a connection, and
opens the port in the firewall for you. Risky? Well, you should read
the description of the program you are installing before you actually
install it. I like the Debian approach, but I see a problem with
newcomers. There is no easy fix that satisfies both worlds. But the MacOS X
approach is very intuitive.
As an aside, another interesting notion, I think, was released with SuSE
10.1: AppArmor. The idea is to restrict programs, rather than users.
Effectively, you create access lists of what a particular program is
allowed to access. Much the same deal as chroot, but with far less
hassle. (Since you don't actually have to copy it all into a single path)
Another SELinux-like implementation? SELinux is already part of the
kernel. I say join forces with Fedora and have SELinux installed the
right way. With the right GUI to manage the thing and the right
policies in place for the "supported" apps.
The trick is to maintain effective security without it becoming too much
of a burden. The human component is the biggest factor.
Without the human component, software development would be very dull.
All apps would work, have no bugs, and never ever have security issues
of any kind. Where's the fun in that?
--
----)(-----
Luis Mondesi
*NIX Guru
Kiskeyix.org
"We think basically you watch television to turn your brain off, and
you work on your computer when you want to turn your brain on" --
Steve Jobs in an interview for MacWorld Magazine 2004-Feb
No .doc: http://www.gnu.org/philosophy/no-word-attachments.es.html
--
ubuntu-users mailing list
ubuntu-users@xxxxxxxxxxxxxxxx
https://lists.ubuntu.com/mailman/listinfo/ubuntu-users