On Dec 24, 2007 2:00 PM, kenw <[EMAIL PROTECTED]> wrote: > It does us no good to have an OS that is, in theory, capable of being > completely secure, if the administration requirements to keep it that > way are impractical.
Indeed. Real world example: On one of our high-security systems, they tried to give us a requirement to basically log the Security "Audit Failure" events for every file access. That sounds good in theory -- "Let's see when users are trying to access things they don't have access to". Then you discover that a lot of software (including Windows Explorer, MS Office, the AV software, etc.) trigger audit failures constantly as part of their normal operations. The security log thus would contain thousands and thousands of failure events for every day. How does that help security? -- Ben ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~
