On 1/17/06, Adam Gibson <agibson@xxxxxxx> wrote: > http://arstechnica.com/news.ars/post/20060113-5975.html > > From all the reading I have done it seems that configuration would be > much easier for most system admins. A utility can learn what access is > needed by monitoring the app so that you don't have to know all the > details of what the app touches to get it working for new apps. Application usage monitoring is not a good security practice to dictate overall security -- while it will show usage patterns which can then be evaluated for security impact it is better to disallow everything and then only allow what is required for the business mission. Just because people are doing things a particular way doesn't mean that is the most appropriate or most secure way. -- WC -Sx- Jones | http://ccsh.us/ | Open Source Consulting
