On Mon, 2005-11-14 at 06:18 -0800, Kurt Dillard wrote: > The problems that arise from changing ACLs > on OS components is the unforseen consequences that arise, as > illustrated by the problems from a recent patch already mentioned in > this thread.
This is the attitude towards security I don't agree with. There should never be a compromise on security due to "unforseen circumstances" in a system (OS or other application). It should be assumed that at some point a user may want to remove access to each and every Active Directory object, file, registry key, hard drive block and the effects of that should be studied - even if it won't be recommended to do so. I do understand that by virtue of this there would have to be more open information about a systems inner workings, we should not however accept these limitations without question. This is one of the many arguments for open-source software and is one that I personally don't see addressed by any security guide or documentation. Vendor provided guidelines are all well and good but there are occasions where users want to take it further (which the cited example has shown). Whilst I fully understand that the vendor shouldn't be expected to support such a configuration, I do believe that they should at least admit that it's a possibility and provide information on the possible issues involved in it. If the user finds themselves fully informed of the ramifications, only then are they in a position where they can decide whether or not to accept the risk. -- With Regards.. Barrie Dempster (zeedo) - Fortiter et Strenue "He who hingeth aboot, geteth hee-haw" Victor - Still Game blog: http://reboot-robot.net sites: http://www.bsrf.org.uk - http://www.security-forums.com ca: https://www.cacert.org/index.php?id=3
smime.p7s
Description: S/MIME cryptographic signature
