
Re: Security Plan



On Sun, 5 Dec 1999, JF Martinez wrote:
> The goal is not making Indy an electronic version of Fort Knox: this
> brings up many inconveniences for the user.

true
 
> In addition: the whole setuid concept is a major problem for security
> => Unix will never be as secure as a mainframe with a mildly vigilant
> sysadmin.
> 
> Now there are three problems in security: internal and external.

three?

> Because people need to share data easily for work Unix by default does
> not try to put strong barriers against people in the same organization
> (it is implicitly assumed employees are loyal and none is a spy
> working for a competitor, notice that if one of your employees is
> disloyal he will have many opportunities to gather information from
> non electronic sources).

Good point. It seems that if Indy is aimed at the home user, then internal
security is not a high priority, but external security should be. This
doesn't mean that there should be wide gaping holes in the internal
security, just that it shouldn't be locked down so tight that a user has
difficulty using the system.

IIRC, during installation Indy asks the user how the machine is going to
be used; choices are server, desktop, workstation and custom. A user who
chooses 'server' is likely to have a greater need for internal security
than the other two. Perhaps we could discriminate like this over security.
If the installations are going to be internet connected at some stage (a
valid assumption), then they all need external security, but perhaps the
server's needs to be more bullet-proof?

> However people needing really strong protection (like military) have
> experienced sysadmins at hand.  Our problem is the user who has nothing
> to hide from other users in his household (except from his wife :-) but

Encryption is good for things like that. So I've heard...

> doesn't want to find half his disk has been wiped out by a never do well
> who exploited a security hole in a daemon he shouldn't have been
> running in first place.
> 
> That is why instead of going for very strong protection we should go
> for easy or automatic protection, especially protection from the
> outside.  

Agreed.

> As an example, Lokkit detected that I had a dial-up box and
> then blocked all ports, it asked me for a few ones like http and that
> was all.

I've not had a chance to play with Lokkit yet, but hope to soon.
 
I also plan on trawling securityfocus.com to see if they have any security
products we could use.

David
--		   ,------------------------------,
,==================| S H U N  A N T I O N L I N E |=================,
| David M. Webster '------------------------------' (aka cogNiTioN) |
|===| I use Linux everyday to up my productivity - so up yours! |===|
|=================|-| PGP KeyID: 0x 45 FA C2 83 |-|=================|
| <cognition@bigfoot.com> |-|===========|-| http://www.cognite.net/ |
`===========| I walk to the beat of a different drummer |==========='