Firewall Wizards mailing list archives
Re: High ranking lusers
From: Rick Smith <rick_smith () securecomputing com>
Date: Thu, 16 Apr 1998 18:27:18 -0500
Anonymous penned a Dilbertesque vignette:
Little Boss: The Big Boss wants a shell script to be setuid root.
This one sentence says it all, the rest just fills in the other panels of the comic strip. We have here a failure to divide up responsibilities properly within the company. It's bad business if a manager is responsible for system integrity and also has business objectives that he can achieve by putting holes in the system. This is like putting the same person in charge of both accounts receivable and accounts payable, except the guy doesn't make money off of it. Now, if Big Boss' fiefdom is the sole user of the computer in question, then Big Boss is certainly within his rights to dig his own grave. On the other hand, if this computer is shared by other departments (finance, HR, operations, business development, etc) then he's indulging in truly bad karma at a corporate level. Ultimately, people are always allowed to do dumb things as long as the company makes lots and lots of money off of it. Look at analog cell phone security. Rick. smith () securecomputing com
Current thread:
- High ranking lusers Anonymous (Apr 16)
- Re: High ranking lusers Paul D. Robertson (Apr 17)
- Re: High ranking lusers Bennett Todd (Apr 17)
- Re: High ranking lusers carson (Apr 17)
- Re: High ranking lusers Henry Hertz Hobbit (Apr 19)
- Re: High ranking lusers carson (Apr 19)
- Re: High ranking lusers Chip Christian (Apr 20)
- Re: High ranking lusers Henry Hertz Hobbit (Apr 20)
- Re: High ranking lusers Henry Hertz Hobbit (Apr 19)
- <Possible follow-ups>
- Re: High ranking lusers David Collier-Brown (Apr 21)