
Re: permissions in general (WAS: Re: permissions in /sbin)



On 12/5/07, Joey Hess <joeyh@debian.org> wrote:
> Martin Marcher wrote:
> > So the user needs to get a precompiled gcc somewhere.
> > Then she would need to get all the header files necessary
> > Then she needs to get the source.
> > Then the quota is full... :)
>
> Most systems come with perl. Perl can do anything any non-suid program
> in /sbin can do. Most systems come with ar, tar, and wget. This can be
> used to download any .deb and unpack it. The kind of "security" you're
> suggesting has historically worked miserably, see for example Microsoft
> Windows, which does not come with a C compiler or many useful programs.

/usr/bin/perl
/usr/bin/wget
/bin/tar

Exactly my point: none of these tools would be accessible in the first
place without explicit permission from the sysadmin.

And btw, I'm not talking about tools etc. I see a tendency towards systems
being secured more with RBAC, MAC, auditing tools, $whatever.

But since *nix has a history of being secure because a user/process
can't by default destroy any data besides the data it owns, why not
take that one step further and require explicit permission to even run
a program that can potentially destroy data?

* Why not take that one further and require explicit permission to run
_any_ program?

Revoking "others" access by default does just that. I think my point
wasn't clear.

-- 
http://noneisyours.marcher.name
http://feeds.feedburner.com/NoneIsYours
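As an added illustration of the mechanism the post proposes (this is not code from the thread or from Debian; it is an example written for this page), the script below shows what "revoking others access by default" does to a set of tools. It works entirely inside a throwaway directory with constructed stand-ins for the binaries named above (perl, wget, tar, plus a fsck that is already locked down); it never touches real system binaries. The group argument to restrict_to_group is an assumption: it must be a group the caller belongs to, and the demo passes an empty string to skip the chgrp step.

```shell
#!/bin/sh
# Added example, not part of the original thread. Demonstrates revoking
# "others" access on a directory of executables and leaving execute
# access to a group instead, using a constructed sandbox.

# List regular files under $1 that are executable by "others" (o+x).
# Octal -perm is used so this works with both GNU and BSD find.
world_executable() {
    find "$1" -type f -perm -001 | sort
}

# Count the files returned by world_executable (as a plain number).
count_world_executable() {
    world_executable "$1" | wc -l | tr -d ' '
}

# Revoke all "others" access on every regular file under $1 and grant
# read/execute to the group instead. If $2 is non-empty it is assumed
# to be a group the caller belongs to, and files are chgrp'ed to it.
restrict_to_group() {
    dir=$1
    grp=$2
    find "$dir" -type f -exec chmod o-rwx,g+rx {} +
    if [ -n "$grp" ]; then
        find "$dir" -type f -exec chgrp "$grp" {} +
    fi
}

# Build a constructed sandbox: three fake tools that are world-executable
# (mode 755, as on a stock system) and one fake fsck already at 750.
make_sandbox() {
    sb=$(mktemp -d)
    for tool in perl wget tar; do
        printf '#!/bin/sh\necho fake %s\n' "$tool" > "$sb/$tool"
        chmod 755 "$sb/$tool"
    done
    printf '#!/bin/sh\necho fake fsck\n' > "$sb/fsck"
    chmod 750 "$sb/fsck"
    echo "$sb"
}

# Walk through the before/after state and clean up.
demo() {
    sb=$(make_sandbox)
    echo "before: $(count_world_executable "$sb") world-executable file(s)"
    world_executable "$sb"
    restrict_to_group "$sb" ""
    echo "after:  $(count_world_executable "$sb") world-executable file(s)"
    rm -rf "$sb"
}

# Run the walkthrough when executed directly.
[ "${DEMO_SKIP:-}" = "1" ] || demo
```

Running it as any unprivileged user prints three world-executable stand-ins before and zero after, while the group execute bit stays set on all four files; on a real system the same chmod applied to /usr/bin and /sbin is what makes "others" unable to run perl, wget or tar without being added to the group.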
