In a message dated: Thu, 22 Jun 2000 12:12:55 EDT
Bob Bell said:
> Root or sudo access isn't even required for this, so why bring it up.
To point this exact thing out. Security isn't only about who has root. But,
consider that you only work on True64, do you have access to the schematics of
the Alpha? Or the Itsy? Possibly so, but in a properly secured environment,
these projects would be compartmentalized, so the damage would be restricted
to that one area the user had access to.
Additionally, we could then possibly trace the damage trail back to your
office, and potentially obtain physical evidence left behind by the criminal.
If you had left a root session logged in, that person could much more easily
cover their tracks, they could su to another user thereby gaining access to a
completely different project.
This is but one scenario, and there are infinite possibilities. I'm merely
trying to point out that we all need to do what we can to limit these.
>> Now they can su to any user at all and access anything they need to.
>
> Oh, is that why. I suppose this would cause a problem if I am
>explicitly interested in Joe User's widget prototype, which is only
>available when logged in as root or joeuser. First of all, note that
>again I still don't need root if I wait for Joe User to be the one to
>forget to lock his screen. Also, I do have root to my desktop here,
>but I am unable to access another employee's files. I am able to
>become root on my own machine, and then even su to another user (say,
>pll, just for the sake of argument :-) ). However, pll's files
>aren't available, as they are exported to my machine. They are only
>exported to pll's workstation(s) and the production servers. However,
>I am unable to become root or pll on those machines. I can't log in
>as root to those machines because I don't know the root password. I
>can't even try to su to root because I'm not part of the system group.
No, but you could su to pll, then use yppasswd to change my password and
thereby gain access to my sudo priviledges, which most likely give you any
access you need on any machine at all. All this would be mostly impossible if
root access weren't compromised in the first place.
> To summarize, I'm not seeing how giving me root in this setup
>makes it any more likely for me to cause harm, beyond what I could
>already do as a normal user (rogue employee or janitor/spy accessing
>an unlocked screen).
>
>> The point of security is to keep honest people honest, dishonest people out,
>> and hopefully force those with malicious intent to jump through enough
>> hoops such that they get caught.
>
> Well, at least we continue to agree on the point, if not the
>implementation in all cases.
Agreed :)
--
Seeya,
Paul
----
"I always explain our company via interpretive dance.
I meet lots of interesting people that way."
Niall Kavanagh, 10 April, 2000
If you're not having fun, you're not doing it right!
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
