maart@cs.vu.nl (Maarten Litmaath) (06/06/89)
jamesa@arabian.Sun.COM (James D. Allen) writes:
\... Bravo! I'll do an occasional
\ % chmod 600 Personal_little_black_book
\ to discourage casual snooping, but I always make /dev/mem and
\ /dev/disk `rw-r--r--'. If a user wants to write his own improved
\ `df' or `ps', more power to him.
More power to the user who wants to write his own improved version of `cat' to
get `Personal_little_black_book' from /dev/disk itself.
--
"Your password [should be] like your |Maarten Litmaath @ VU Amsterdam:
toothbrush." (Don Alvarez) |maart@cs.vu.nl, mcvax!botter!maart
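
The point of the post above, turned into an audit a sys admin can run; this is an added example, not part of the original thread. It flags raw-disk (block) devices and memory devices that "other" can read or write, since access to either bypasses a `chmod 600` on any individual file. The `MEMORY_DEVICES` names and the `exposure`/`audit` helpers are assumptions made for this illustration.

```python
import os
import stat

# Raw-memory character devices by name (assumption: conventional names;
# adjust for the system being audited).
MEMORY_DEVICES = {"mem", "kmem", "port"}


def exposure(name, mode):
    """Return 'world-writable', 'world-readable' or None for one node.

    Only block devices (raw disks) and the memory devices named above are
    considered: access to either sidesteps every per-file permission.
    """
    is_disk = stat.S_ISBLK(mode)
    is_mem = stat.S_ISCHR(mode) and name in MEMORY_DEVICES
    if not (is_disk or is_mem):
        return None
    if mode & stat.S_IWOTH:
        return "world-writable"
    if mode & stat.S_IROTH:
        return "world-readable"
    return None


def audit(dev_dir="/dev"):
    """Walk dev_dir and list (path, permission string, exposure) findings."""
    findings = []
    for root, _dirs, files in os.walk(dev_dir):
        for name in files:  # device nodes are reported as non-directories
            path = os.path.join(root, name)
            try:
                st = os.lstat(path)  # do not follow symlinks
            except OSError:
                continue  # node vanished or is unreadable; skip it
            level = exposure(name, st.st_mode)
            if level:
                findings.append((path, stat.filemode(st.st_mode), level))
    return sorted(findings)


if __name__ == "__main__":
    for path, perms, level in audit():
        print(f"{perms} {path}: {level}")
```
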
salex@grad1.cis.upenn.edu (Scott Alexander) (06/07/89)
In article <2698@solo1.cs.vu.nl> maart@cs.vu.nl (Maarten Litmaath) writes:
>jamesa@arabian.Sun.COM (James D. Allen) writes:
>\... Bravo! I'll do an occasional
>\ % chmod 600 Personal_little_black_book
>\ to discourage casual snooping, but I always make /dev/mem and
>\ /dev/disk `rw-r--r--'. If a user wants to write his own improved
>\ `df' or `ps', more power to him.
>
>More power to the user who wants to write his own improved version of `cat' to
>get `Personal_little_black_book' from /dev/disk itself.
>--
> "Your password [should be] like your |Maarten Litmaath @ VU Amsterdam:
> toothbrush." (Don Alvarez) |maart@cs.vu.nl, mcvax!botter!maart

I've worked in many groups where most of the people knew the root password. In those groups, I use protection to give a hint about how I want my files accessed. Further, I give names which give a further hint. Thus, people know that if I've protected something in my work directory, that's probably the current version and if they pick it up, they deserve what they get. However, it's known that my personal directory is personal stuff and that I consider looking at that stuff as a violation of my privacy.

There is an element that easier security makes it easier to break in, but there's also an element that more strenuous security makes it more fun to break in. As such, I've always been a fan of weaker security and very strong administrative action against anyone who breaks the implicit trust.

Scott
clyde@ut-emx.UUCP (Clyde W. Hoover) (06/07/89)
Out here in the "real-world" where users cannot be trusted to behave themselves and the Junior Hacker League lives, security is a MUST.

Having been a sys admin in a variety of UNIX environments, I vote for UNIX having "high" security by default with directions provided on how to lessen it if desired.

It is always easier (from a technical viewpoint) to start restrictive and loosen up. The political issues of system security are another kettle of assorted aquatic creatures...

Remember how many people were sure their SMTP connections were "secure" until last November :-)

Shouter-To-Dead-Parrots @ Univ. of Texas Computation Center; Austin, Texas
clyde@emx.utexas.edu; ...!cs.utexas.edu!ut-emx!clyde

Tip #268: Don't feel insecure or inferior! Remember, you're ORGANIC!! You could win an argument with almost any rock!
rcd@ico.ISC.COM (Dick Dunn) (06/08/89)
In article <13783@ut-emx.UUCP>, clyde@ut-emx.UUCP (Clyde W. Hoover) writes:
> It is always easier (from a technical viewpoint) to start restrictive
> and loosen up...

Sure, but distributing the system in very restrictive form has a social effect--namely that some folks will look at it and say, "Gosh, they send it out with the lid clamped down tight; that must be the way it *should* be done." From a social-interaction viewpoint, it's much harder to loosen it up. You can tighten things if you get into problems (although there's a certain closing-the-barn-door... effect there).

I guess I've been conditioned, but UNIX default permissions have made sense to me for a long time--files tend to get created as globally readable but only locally writable.

[Disclaimer: I am thankfully not a sociologist, so observations of social effects are based on unsubstantiated common experience.]
--
Dick Dunn UUCP: {ncar,nbires}!ico!rcd (303)449-2870
...Lately it occurs to me what a long, strange trip it's been.