Re: Security of Debian SuX0r?

To: debian-devel@lists.debian.org
Subject: Re: Security of Debian SuX0r?
From: Bob Bernstein <poobah@ruptured-duck.com>
Date: Fri, 1 Sep 2000 19:57:30 -0400
Message-id: <[🔎] 20000901195730.H848@hoopla.ruptured-duck.org>
Mail-followup-to: Bob Bernstein <poobah@ruptured-duck.com>, debian-devel@lists.debian.org
In-reply-to: <[🔎] 20000901174015.C1923@thinkpad.roland.eu.org>; from rb@debian.org on Fri, Sep 01, 2000 at 05:40:15PM -0500
References: <20000830145720.A28811@verso.st.jyu.fi> <[🔎] 20000901174015.C1923@thinkpad.roland.eu.org>

On Fri, Sep 01, 2000 at 05:40:15PM -0500, Roland Bauerschmidt wrote:

> Shall we make something like 700 default?

No. Resist the urge to dumb things down. Better to insist on intelligent,
responsible users who have been educated, and have educated themselves,
about the realities of computer security rather than lull them into a false
sense of security. chmod 700 will set them up for nasty surprises on other
Unix accounts they may come to use.

The reality is that if you must keep something private then encrypt it (pgp
-c my_secrets.txt). Anything less than that represents ceding control over
your privacy to other parties, whether it be the operating system, the
network configuration, or whatever. Encourage users to be responsible for
security *themselves*.

My $0.02 worth...

-- 
Bob Bernstein
at                    
Esmond, R.I., USA    


-- 
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- Re: Security of Debian SuX0r?
  - From: Roland Bauerschmidt <rb@debian.org>

Prev by Date: Re: Security of Debian SuX0r?
Next by Date: Re: Security of Debian SuX0r?
Previous by thread: Re: Security of Debian SuX0r?
Next by thread: Re: Security of Debian SuX0r?
Index(es):
- Date
- Thread