Complex security mechanism is unsecure
John F Haugh II
jfh at rpp386.cactus.org
Wed Dec 19 10:27:44 AEST 1990
In article <6948 at titcce.cc.titech.ac.jp> mohta at necom830.cc.titech.ac.jp (Masataka Ohta) writes:
>In article <18826 at rpp386.cactus.org> jfh at rpp386.cactus.org (John F Haugh II) writes:
>>That's a pretty big collection of files, but making the owner "root"
>>does not make the collection smaller.
>
>Smaller? It is not my opinion. My opnion is, it is less complex.
Sure, and letting everyone log onto the system as "root" is also
less complex. You have yet to demonstrate how being less complex
is some assurance of security. Quite to the contrary, it is
widely recognized that least privilege and privilege bracketing
techniques provide for increased security by reducing the effects
of software errors. Both of these techniques increase what you
call "complexity" while simultaneously increasing "security".
Software "firewalls" have the same effect. Limiting the damage
that an error in the UUCP subsystem can cause to files controlled
by the UUCP subsystem =will= limit the effects of software errors
or malicious damage.
>>This isn't news.
>
>This is the news.
The oldest references that I am aware of predate the 1978 BSTJ
"UNIX" edition. While it might be "information", it isn't
"new" information. I would say that it is at least 12 year
old information.
>>How about starting with exporting the file system read-only and only
>>to systems which are properly administered.
>
>Nice start. Please continue, until you recognize it complex.
NFS =is= a security hole. The best thing you can do to improve
security on a system with NFS is to remove NFS. Changing all
the file ownerships to "root" will not save your ass.
Now, if you can come up with a flaw in layered security on a
properly administered system, then it might be "interesting".
--
John F. Haugh II UUCP: ...!cs.utexas.edu!rpp386!jfh
Ma Bell: (512) 832-8832 Domain: jfh at rpp386.cactus.org
"While you are here, your wives and girlfriends are dating handsome American
movie and TV stars. Stars like Tom Selleck, Bruce Willis, and Bart Simpson."
More information about the Comp.unix.internals
mailing list