* Alan Cox <[email protected]> [060418 21:20]:
> Poor security systems lead to less security than no security because it
> lulls people into a false sense of security. Someone who knows their
> house is insecure doesn't keep valuable items in it. Someone who thinks
> their house is secure but it is not increases the risk not decreases it.
>
> Doing good security is hard, and it does need to be from a "default
> deny" basis.
Too strict security can also lead to less security than no security at
all. This is especialy true if security of only a part is too strict.
If system config files are only readable by root (or some admin role),
people will work as root (or with that admin role) to read them,
instead of adding some new config-file-reading group/role.
If users are forbidden to log in remotely via ssh, they might run
outgoing ssh portforwarding some telnet-like protocol in. If you
restrict what can be run on the computers too much, people might try
to plug in their laptops. If you force the doors locked and give too
few people a key, they will start leaving the windows open.
Hochachtungsvoll,
Bernhard R. Link
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]