Bug#56821: [POSSIBLE GRAVE SECURITY HOLD]

To: Pierre Beyssac <beyssac@enst.fr>
Cc: Samuel Tardieu <sam@debian.org>, Adam Di Carlo <adam@onshore.com>, "Huneycutt, Doug" <doug.huneycutt@lmco.com>, 56821@bugs.debian.org, pb@enst.fr, quinot@enst.fr, debian-devel@lists.debian.org
Subject: Bug#56821: [POSSIBLE GRAVE SECURITY HOLD]
From: John Goerzen <jgoerzen@complete.org>
Date: 02 Feb 2000 11:06:49 -0600
Message-id: <[🔎] 873drby1na.fsf@erwin.complete.org>
Reply-to: John Goerzen <jgoerzen@complete.org>, 56821@bugs.debian.org
In-reply-to: Pierre Beyssac's message of "Wed, 2 Feb 2000 17:52:55 +0100"
References: <[🔎] 2000-02-02-11-38-12+trackit+sam@debian.org> <[🔎] 87vh47k3v1.fsf@erwin.complete.org> <[🔎] 20000202175255.E50448@enst.fr>

Your attempt to take my argument to the logical extreme has failed.  I
suggest that we should make the system as secure as possible while
keeping it usable.  The precise definition of this varies from site to
site.  Some people IRC as root, which is a terrible idea as far as I'm
concerned.  Others have their machines locked inside rooms with
card-controlled access and reinforced concrete walls, with hardware
authentication systems.  Perhaps you'd even want to completely remove
the floppy drive.

If I were to take your argument to the same silly extreme, I'd
advocate putting a warning on the keyboard, becuase it could be used
to violate security.  Also, there should be a warning on the lp module
because it could be used to print out things without permission.  And
ohh, let us not forget /dev/console itself!  Can't have anyone
displaying anything that might not be secure.  And oh yes, we need to
remove IDE and SCSI support so that nobody can violate security by
reading disks.

So, as you can see, we need a happy medium.  It is not a disable
everything vs. enable everything debate.  It is, what makes sense.
Does it make sense to make a desktop user log in to LILO?  Not
really.  For servers, certainly not -- this could prevent automatic
bootup.  For workstations in hostile environments, yes.  The same goes
for Ctrl-Alt-Del, for padlocking computers, etc.

Pierre Beyssac <beyssac@enst.fr> writes:

> On Wed, Feb 02, 2000 at 09:42:42AM -0600, John Goerzen wrote:
> > As you can see, some of these are within our control, some are not.  I
> > believe we should, and have, provide mechanisms to allow a box to be
> > secured in such a fashion.  However, using them in such a fashion BY
> > DEFAULT is not in anyone's best interest.
> 
> Oh yes, you're right!
> 
> Given that some people have the atomic bomb anyway, we can get rid
> of any computer security and access control, completely.
> 
> How stupid of me.
> 
> BTW, certainly we should all quit our job and start growing oranges
> in Florida.
> -- 
> Pierre Beyssac		pb@enst.fr

-- 
John Goerzen   Linux, Unix consulting & programming   jgoerzen@complete.org |
Developer, Debian GNU/Linux (Free powerful OS upgrade)       www.debian.org |
----------------------------------------------------------------------------+
The 36,420th digit of pi is 5.

Reply to:

Follow-Ups:
- Bug#56821: [POSSIBLE GRAVE SECURITY HOLD]
  - From: Pierre Beyssac <beyssac@enst.fr>

References:
- Bug#56821: [POSSIBLE GRAVE SECURITY HOLD]
  - From: Samuel Tardieu <sam@debian.org>
- Bug#56821: [POSSIBLE GRAVE SECURITY HOLD]
  - From: John Goerzen <jgoerzen@complete.org>
- Bug#56821: [POSSIBLE GRAVE SECURITY HOLD]
  - From: Pierre Beyssac <beyssac@enst.fr>

Prev by Date: Bug#56821: [POSSIBLE GRAVE SECURITY HOLD]
Next by Date: Bug#56821: [POSSIBLE GRAVE SECURITY HOLD]
Previous by thread: Bug#56821: [POSSIBLE GRAVE SECURITY HOLD]
Next by thread: Bug#56821: [POSSIBLE GRAVE SECURITY HOLD]
Index(es):
- Date
- Thread