On 07 Mar 2003 19:56:21 -0800 Jack Coates <[EMAIL PROTECTED]> wrote:

> On Fri, 2003-03-07 at 17:25, Pierre Fortin wrote:
> ...
> > In this case, I *want* 700...  no sane automated "security" system
> > should ever *reduce* security levels setup by the owner...  it's
> > downright nasty IMNSHO... 
> ...
> > <rant>
> > msec should check existing permissions when run; if they are tighter
> > than what would be set, LEAVE THEM ALONE *AND* RECORD the settings as
> > the MINIMUM for the current level -- in other words, if /home/* are
> > 700 at level 3, the user tries level 4, and goes back to 3, the perms
> > should still be 700!
> > 
> > NEVER EVER reduce security levels set by the owner!  It's downright
> > irresponsible...  and NO, telling the users to add local rules after
> > lower their security is not acceptable -- fix the logic!
> > </rant>
> 
> I do agree with you, but I also see Mandrake's point and I think that
> this comes from several distros of telling people that a workstation OS
> clearly not intended as a server should be using levels 4 and 5 and
> buckled tighter than NORAD.

Funny you should mention NORAD...  from '64 to '71, I worked in NORAD HQ
(Canada) deep under the mountain...  so I have my own opinions about how
tight NORAD is... can't say any more... :> 

Anyway...  I have no problems with suggesting higher security levels...
what I *DO* have a problem with is lowering security
JUST-TO-MATCH-SOME-PREDEFINED-MATRIX...  

If "several distros" think a w/s OS should be tighter than a server, then
they have missed the boat...  IMO, yes w/s OS should be tight; but server
OS should be tighter *without* killing _its_ raison d'etre...

> User installs system, user follows installer recommendation and chooses
> level 4. User spends several days trying to make Level 4 work before
> realizing that msec is the problem.

Just confirms my "matrix" comment above...   I could keep myself safe in a
hermetically sealed box; but would die from lack of oxygen...  security
should *protect* a system, not kill its functionality, or worse lower the
user's choice of security...  My point is that it's not up to the distros
to define the rules, rather provide the tools and some guidelines.  If
msec was better thought out, it would probably be able to let us select
security levels on all the individual components instead of a matrix of
predefined settings.

I would check the msec docs; but I removed msec...  begs the orthogonal
question:  why aren't docs, man pages, info pages, etc. grouped into
{general, sysadmin, security, other_major_grouping} and installed
separately?  That way, a user could make an informed decision before
installing a package...

> Now, in your recommendation user must wipe the disk and start over from
> scratch.

Huh?  I don't follow your logic here...  I only asked that msec not
blindly lower established security -- please elaborate... 

> In msec's current implementation, user simply alters the security level
> to 3 and the system heals itself (in theory).

But not in practice...  it makes the system more vulnerable than what *I*
decided on...  I'm beginning to think that Mdk should make their security
tools optional until those tools have been confirmed NOT to lower security
if installed/used... or worse, cut off its raison d'etre in msec >= 4...

I know this sounds a little 'off the wall'; but I still think msec is
ill-conceived...  my 8.1 page on msec showed that the core idea is a
matrix and the system's security relies on the matrix being completely
filled in (http://pfortin.com/Linux/permresults.shtml)  -- I don't see how
what I'm suggesting could be implemented in the current incantation,
beyond bad hacks...  time for a new tool...?

Pierre
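
Added example, not part of the original message and not msec code: a minimal sketch of the "never loosen, record the minimum" rule argued for above. The level table, the `floors` state and all function names are assumptions made for illustration; where current and policy modes are not comparable, this sketch keeps only the bits both allow.

```python
import os
import stat
import tempfile

ALL_BITS = 0o7777  # permission bits plus setuid/setgid/sticky


def tighten_only(current, policy, floor=ALL_BITS):
    """Return the mode to apply: only bits allowed by current, policy AND floor.

    Bitwise AND can clear permission bits but never set one, so the result is
    never looser than what the owner already had.
    """
    return current & policy & floor & ALL_BITS


def enforce(path, policy, floors):
    """Apply `policy` to `path` without loosening it; remember the result.

    `floors` maps path -> tightest mode seen so far (hypothetical state that a
    real tool would persist between runs).
    """
    current = stat.S_IMODE(os.stat(path).st_mode)
    new = tighten_only(current, policy, floors.get(path, ALL_BITS))
    if new != current:
        os.chmod(path, new)
    floors[path] = new
    return new


def demo():
    """Owner sets 700, then the level goes 3 -> 4 -> 3 (constructed values)."""
    level_policy = {3: 0o755, 4: 0o711}   # illustrative, not msec's real table
    home = tempfile.mkdtemp()
    os.chmod(home, 0o700)                 # the owner's own, tighter choice
    floors = {}
    seen = [enforce(home, level_policy[lvl], floors) for lvl in (3, 4, 3)]
    os.rmdir(home)
    return seen


if __name__ == "__main__":
    print([oct(m) for m in demo()])
```

The recorded floor also covers the case where something else resets the directory to a looser mode between runs: the next `enforce` call brings it back to the recorded minimum instead of to the level's default.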
