[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Security stuff (fwd)

To: mint@atari.archive.umich.edu
Subject: RE: Security stuff (fwd)
From: Torsten Scherer <itschere@TechFak.Uni-Bielefeld.DE>
Date: Sat, 13 Sep 1997 20:43:59 +0200 (MET DST)

Julian Reschke writes:

> > By keeping such software on another partition, where people working
> > remotely have no access to :)
>
> If you are talking of a setup where *you* control which programs can be
> executed, why go through all the pain of making changing to the kernel
> anyway? If you decide which programs are there you can enforce security
> anyway...

 That is, up to the point where you allow a user to pass any data to
your system which could eventually be written to disk. Even without a
compiler you can theoretically 'upload' programs by means of a shell
and 'echo', and if you then execute them it doesn't matter a pair of
fetid dingos kidneys where all the other dangerous programs are.

 There's absolutely no point in making MiNT secure. This discussion
comes up every once and a while and has so far always settled because
it doesn't work.

ciao,
TeSche

Prev by Date: Re: Security stuff
Next by Date: Re: Security stuff
Previous by thread: Re: Serial.CPX and HS-Modem problems
Next by thread: NcFTP 2.4.2
Index(es):
- Date
- Thread