Re: security thing
- From: Sybren Stuvel <sybrenUSE@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Fri, 13 Oct 2006 09:17:33 +0200
PTM enlightened us with:
PTM: You are right, if this kind of interaction is made thru the
tools which are in use today. Still I think that the user should see
only her _own_ data and data, which she has rights to.
But that's pretty much impossible with the current state of any
UNIX-like machine. /etc/passwd is either readable or it isn't, you
can't make a single line of it readable and blur the rest.
As an example: is there any reason, why she should see the smb.conf.
She needs the SMB connection, but by reading smb.conf she gets a lot
of information about the setup of the computer.
And that information shouldn't make the computer any less secure.
Security by obscurity is no security at all, remember that.
Having defaults as they are in Unix and M$Windows nowadays doesn't
mean, that they are in the optimum.
I agree with that. There are many situations in which the defaults are
not correct. That is why they are default settings - they can be
changed into correct settings. No set of defaults can be optimal for
- The people in research, healthcare or bussines like it protected
A lot of them, anyway. My girlfriend works in healthcare, and they
like to share their documents among collegues.
In my business, we have no secrets for each other, so we can all see
each others files.
Of course, shielding those things from the outside world is important,
but that wasn't the issue here - we were talking about local users.
Still the shit happends. Some program might save the data to
unsecure directories with no protections set. Do we assume that the
user will check thru the computer every file and their rights after
she has run some program. And still the program might have saved
some backup file to some /temp directory or Recycle Bin.
You also have to check the swap area then, for leftovers of program
PTM: You explain me how you think the things should be and I tell
you that I have another opinion and I try to explain it to you. This
is called discussion.
I hope you don't mean that this 'explanation' is the only truth in
If you really mean this, and I think you do, you should stop saying
"there is no reason" to have files/directories readable by default.
There are plenty of reasons, as loads of us have already explained to
StÃ¼vel IT - http://www.stuvel.eu/