
Re: Rationale for debian group accounts



On 17 Sep 1997, Manoj Srivastava wrote:

> >>"Jean" == Jean Pierre LeJacq <jplejacq@quoininc.com> writes:
> 
[regarding Spafford and Garfinkel's _Practical UNIX Security_:]
> Jean> They claim it requires constant intervention by the system
> Jean> administrator to add/remove users from the many groups this
> Jean> approach introduces.
> 
> 	Hmm. This seems quite specious. The only reason to add people
>  to groups is because there is a desirable group based access
>  required; the sysadmin would still have to add people to this special
>  group manually. 
> 
> 	Moreover, dumping everyone into a large catch-all group (as
>  large numbers of Unix shops do) is worse from a security standpoint:
>  since everyone is in this group, adding group access to any object is
>  the same as making the object wide open, though it may give a false
>  sense of security if you think the object is not world accessible. 
> 
> 	Also, why are people being added to many groups? (ignoring the
>  fact that in traditional methods you still need the manual handling
>  for all but one group anyway).
> 
> 	Am I missing something?

I used to think usergroups were lame as well until I finally read the
rationale somewhere (I think in some Red Hat documentation).  We should
more explicitly spell this out in our own docs.

But now that I understand it, I agree, and don't see how a sysadmin has to
do any more work with this approach.  In either case, the "groups" that
actually get used as such have to be created and populated by the
administrator.  But with usergroups added to that (automatically with
adduser), you get finer granularity of control within the multi-user group.

If you consider it important enough, I suppose I could go ask Gene
Spafford himself (he works here at Purdue).  He knows me already; he
signed my PGP key.

--
G. Branden Robinson                 |  America is at that awkward stage.  It's
Purdue University                   |  too late to work within the system, but
branden@purdue.edu                  |  too early to shoot the bastards.
http://www.ecn.purdue.edu/~branden/ |  --Claire Wolfe
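The effect Manoj describes above (with a catch-all group, granting group access to an object makes it effectively wide open) and the finer granularity Branden credits to user private groups, as an added example that is not part of the original thread: a small Python model of the Unix mode-bit write check over constructed /etc/passwd and /etc/group records (the account names, gids, paths and the `webdev` project group are made up), comparing a site-wide `users` group with adduser-style per-user groups.

```python
import stat

def parse_passwd(text):
    """name -> primary gid, from /etc/passwd style lines."""
    users = {}
    for line in text.splitlines():
        if line and not line.startswith("#"):
            name, _, _uid, gid, *_ = line.split(":")
            users[name] = int(gid)
    return users

def parse_group(text):
    """gid -> (group name, supplementary members), from /etc/group style lines."""
    groups = {}
    for line in text.splitlines():
        if line and not line.startswith("#"):
            name, _, gid, members = line.split(":")
            groups[int(gid)] = (name, {m for m in members.split(",") if m})
    return groups

def group_members(gid, users, groups):
    """Everyone in the group: users whose primary gid it is plus listed supplementary members."""
    return {u for u, g in users.items() if g == gid} | groups.get(gid, ("", set()))[1]

def writers(owner, gid, mode, users, groups):
    """Accounts that may write an object under the classic user/group/other mode bits."""
    if mode & stat.S_IWOTH:
        return set(users)
    who = {owner} if mode & stat.S_IWUSR else set()
    return who | (group_members(gid, users, groups) if mode & stat.S_IWGRP else set())

def audit(passwd_text, group_text, files):
    """Group-writable (not world-writable) objects whose group holds every account: 'wide open'."""
    users, groups = parse_passwd(passwd_text), parse_group(group_text)
    return [path for path, owner, gid, mode in files
            if not mode & stat.S_IWOTH and writers(owner, gid, mode, users, groups) >= set(users)]

# Constructed sample site (not from the post): a catch-all "users" group, gid 100, is everyone's primary group
CATCHALL_PASSWD = "alice:x:1000:100::/home/alice:/bin/sh\nbob:x:1001:100::/home/bob:/bin/sh\ncarol:x:1002:100::/home/carol:/bin/sh\n"
CATCHALL_GROUP = "users:x:100:\nwebdev:x:500:alice,bob\n"
# The same accounts with adduser-style user private groups: one group per user, plus webdev for the project
UPG_PASSWD = "alice:x:1000:1000::/home/alice:/bin/sh\nbob:x:1001:1001::/home/bob:/bin/sh\ncarol:x:1002:1002::/home/carol:/bin/sh\n"
UPG_GROUP = "alice:x:1000:\nbob:x:1001:\ncarol:x:1002:\nwebdev:x:500:alice,bob\n"
# (path, owner, gid, mode): a group-writable shared web tree and a private file under a home directory
CATCHALL_FILES = [("/srv/web/index.html", "alice", 100, 0o664), ("/home/alice/notes", "alice", 100, 0o660)]
UPG_FILES = [("/srv/web/index.html", "alice", 500, 0o664), ("/home/alice/notes", "alice", 1000, 0o660)]

if __name__ == "__main__":
    print("catch-all scheme, effectively wide open:", audit(CATCHALL_PASSWD, CATCHALL_GROUP, CATCHALL_FILES))
    print("user private groups, effectively wide open:", audit(UPG_PASSWD, UPG_GROUP, UPG_FILES))
```

Under the catch-all scheme even the mode 660 file in alice's home directory is writable by every account, while with per-user groups the same file is writable only by alice and the web tree only by the webdev members.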

