Firewall Wizards mailing list archives

Re: Ports and privileges


From: John Lines <John.Lines () aeat co uk>
Date: Wed, 25 Feb 1998 10:14:55 +0000

The separation of "root" into multiple small privileges is exactly
what is done on many of the trusted operating systems.  When using
one of these systems as your webserver or firewall base, you avoid
many of the problems experienced with less secure operating systems.

Of course, this only works with a kernel audit; many of the privileges
that are currently guarded with, say, suser() in 4.4BSD, are equivalent to
root, and not always in obvious ways.

Not that dividing up root is a bad thing (quite the opposite!), just that
it's trickier than it seems to do it with maximal effectiveness.


Dec VMS had a multiple small privilege system from the outset, and I found
it very useful, even though you could leverage full privs from most of them.

The privileges act like the safety catch on a gun; they will stop you
shooting yourself in the foot with it, even if they don't stop someone else
shooting you if you let them get their hands on it.

                John Lines
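The point above that many "small" privileges are root-equivalent "and not always in obvious ways" is easy to check mechanically once the implications are written down. The following is an added example, not code from the thread or from any of the systems it mentions: it models privileges as nodes in a directed graph where an edge A -> B means "a process holding A can obtain B", computes the closure of whatever a service has been granted, and flags the service as root-equivalent if the closure reaches an unrestricted ROOT sentinel. Linux capability names are used as the modern analogue of the suser() checks in the post; the edge table is a hand-written assumption for illustration, not a complete or authoritative map of any kernel.

```python
"""Privilege-implication closure: which "small" privileges are really root?

Added example for the Firewall Wizards thread; not the post's own code.
Nodes are named privileges; an edge A -> B means "holding A lets a process
obtain B".  IMPLIES is an assumed, simplified table for illustration only.
"""
from collections import deque

ROOT = "ROOT"  # sentinel meaning "unrestricted privilege"

# Assumed implication table (illustrative, not authoritative).
IMPLIES = {
    "CAP_SYS_ADMIN": {ROOT},            # catch-all: mounts, namespaces, ...
    "CAP_SYS_MODULE": {ROOT},           # loads arbitrary kernel code
    "CAP_SYS_PTRACE": {ROOT},           # can take over privileged processes
    "CAP_SETUID": {ROOT},               # can become uid 0 outright
    "CAP_DAC_OVERRIDE": {ROOT},         # can rewrite system credential files
    "CAP_CHOWN": {"CAP_DAC_OVERRIDE"},  # take ownership of any file, then write
    "CAP_FOWNER": {"CAP_DAC_OVERRIDE"}, # chmod any file, then write
    "CAP_NET_BIND_SERVICE": set(),      # bind ports < 1024: genuinely small
    "CAP_NET_RAW": set(),               # raw sockets: small on its own
    "CAP_KILL": set(),                  # signal any process: small on its own
}


def closure(granted):
    """Return every privilege reachable from the granted set (BFS over IMPLIES)."""
    seen = set()
    queue = deque(granted)
    while queue:
        priv = queue.popleft()
        if priv in seen:
            continue
        seen.add(priv)
        queue.extend(IMPLIES.get(priv, ()))
    return seen


def is_root_equivalent(granted):
    """True if the granted privileges transitively reach full root."""
    return ROOT in closure(granted)


def audit(policy):
    """policy: {service_name: set_of_granted_privileges} -> {service_name: bool}.

    A True value means the service's "small" privileges are root in disguise
    and the separation buys no protection against a compromise of that service.
    """
    return {svc: is_root_equivalent(caps) for svc, caps in policy.items()}


if __name__ == "__main__":
    # Constructed sample policy for a webserver/firewall host.
    sample_policy = {
        "httpd":    {"CAP_NET_BIND_SERVICE"},
        "pflogd":   {"CAP_NET_RAW", "CAP_KILL"},
        "backup":   {"CAP_CHOWN"},              # looks harmless, is not
        "cron":     {"CAP_SETUID"},
    }
    for svc, root_equiv in audit(sample_policy).items():
        print(f"{svc:8s} root-equivalent: {root_equiv}  "
              f"closure={sorted(closure(sample_policy[svc]))}")
```

The useful output is the list of services flagged True despite never having been granted anything called "root"; those are the places where the safety catch is an illusion and the service should be moved to a narrower privilege or a separate host. Extending IMPLIES for a real system is exactly the "kernel audit" the post calls for.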