@ub and @cb issues - an idea
Jay R. Ashworth
jra at baylink.com
Wed Apr 21 09:58:19 PDT 2004

On Wed, Apr 21, 2004 at 12:02:08PM -0500, Steve Wiltsie wrote:
> > Not to mention the fact that since it is an external file what is
> > to keep someone from changing the file that carries the names.
> >
> > "No - I didn't create that record, Tommy did. See the @CB" after
> > he changed the file. You'd have to play with the password file in
> > Unix to achieve the same level of obfuscation.
>
> Are you also concerned about someone modifying the text-based Configuration
> File now? If this was part of that, or handled similarly by filePro, what
> would be the difference - from a security standpoint?

On Windows? Nothing. That's sort of the point, here, I guess: do you
provide a change identification mechanism that you are aware can be
trivially spoofed, or do you *consciously* break it, so that people who
might foolishly depend on it... can't.

I actually rather prefer the latter approach.

My followup would be, if something like this *is* implemented, that to
turn it on, you ought to have to set PF_ENABLE_UNSAFE_WINDOWS_UID to YES or
something similar that puts the responsibility squarely in the
administrator's lap. We call it a 'conscious act', in the security
business, and the snarky name of the suggested variable is the *main*
part of it.

Cheers,
-- jra
--
Jay R. Ashworth jra at baylink.com
Member of the Technical Staff Baylink RFC 2100
The Suncoast Freenet The Things I Think
Tampa Bay, Florida http://baylink.pitas.com +1 727 647 1274
"They had engineers in my day, too." -- Perry Vance Nelson