A way to monitor your files
Blair P. Houghton
bph at buengc.BU.EDU
Wed Sep 13 05:22:52 AEST 1989
In article <11035 at smoke.BRL.MIL> gwyn at brl.arpa (Doug Gwyn) writes:
>In article <4113 at buengc.BU.EDU> bph at buengc.bu.edu (Blair P. Houghton) writes:
>>As long as the superuser is a sufficiently cleared individual, then the
>>proper security is being maintained no matter what software he can use
>>to get into the files. As in a traditional paper system, one has to
>>place trust in the handlers of the data.
>
>If you recall how this thread started, the individual was complaining
>that his local super-users were abusing their powers and snooping in
>his private data files. The discussion about DoD trusted computing
>systems started with somebody's more-or-less irrelevant reply. The
>original situation had nothing to do with TCBs, MACs, etc.
I recall mentioning that at the start of this thread I wasn't a superuser
and didn't even read it. Thanks for the recap. I am now a superuser,
and am interested in all forms of security.
Okay, so we're talking protection, not security. Different issue.
There is _no_ way to keep the SU from looking in your files. That
is a feature, not a bug.
I tell users that if they really want me not to see their stuff
they should use encrypt(1) or move it off the machine.
I don't snoop, but I don't hesitate to look if I have a reason.
--Blair
"TCB? MAC? EIEIO?"
More information about the Comp.unix.questions
mailing list