Re: DM vs DD and security

To: debian-devel@lists.debian.org
Subject: Re: DM vs DD and security
From: Kevin Mark <kevin.mark@verizon.net>
Date: Tue, 20 Mar 2007 06:07:32 -0400
Message-id: <[🔎] 20070320100732.GC27559@localhost>
Mail-followup-to: Kevin Mark <kevin.mark@verizon.net>, debian-devel@lists.debian.org
In-reply-to: <[🔎] 1174374147.19977.5.camel@localhost.localdomain>
References: <[🔎] 20070319094132.GC22650@localhost> <[🔎] 1174374147.19977.5.camel@localhost.localdomain>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, Mar 20, 2007 at 06:02:27PM +1100, Robert Collins wrote:
> On Mon, 2007-03-19 at 05:41 -0400, Kevin Mark wrote:
> > And if its large, then could this be reduced in some way by having the
> > more common tasks be replaced by a web frontend with password access
> > and leave fewer tasks that require ssh access.
> 
> ....
> Because ssh is /less/ secure than ssl?
> 
While I do not claim to be a security expert, I was trying to address a
few points: the need for ssh access which is a current privilege for
DDs. I assume that physical access is not a big problem for Debian
infrastructure and that external attacks are being guarded against. This
leaves local access. If local access is reduced to those who need it (by
my idea DM's would not normally need this) and common tasks can be made
'more secure' by making them done through a web interface (w/ ssl), this
would eliminate possible human error (rm -rf or similar) and increase
security by limiting access to DDs. 

But I have yet to receive any guess as to the amount of local ssh access
that is used by DDs. If 99% of DDs need ssh access that requires a
random set of commands, then this will not work. But if only 10% of DDs
need ssh access, then it would be beneficial and would advance the idea
of have DC/DMs not needing ssh access and inclusion in the keyring and
a local user account created by DAM? (the last step in NM?) and allowing
a separation based upon need, security, skill and responsibility.

- -- 
|  .''`.  == Debian GNU/Linux == |       my web site:           |
| : :' :      The  Universal     |mysite.verizon.net/kevin.mark/|
| `. `'      Operating System    | go to counter.li.org and     |
|   `-    http://www.debian.org/ |    be counted! #238656       |
|  my keyserver: subkeys.pgp.net |     my NPO: cfsg.org         |
|join the new debian-community.org to help Debian!              |
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFF/7Jjv8UcC1qRZVMRAjvVAJwKcWjrMFHpM7GmKJ9jraJFqwPwGwCglFxg
IYfoAbehQfZx+yJMcI79uI8=
=+Gic
-----END PGP SIGNATURE-----

Reply to:

References:
- DM vs DD and security
  - From: Kevin Mark <kevin.mark@verizon.net>
- Re: DM vs DD and security
  - From: Robert Collins <robertc@robertcollins.net>

Prev by Date: Re: DM vs DD and security
Next by Date: Re: DM vs DD and security
Previous by thread: Re: DM vs DD and security
Next by thread: future keys
Index(es):
- Date
- Thread