@ub and @cb issues - an idea

Jay R. Ashworth jra at baylink.com
Wed Apr 21 09:58:19 PDT 2004


On Wed, Apr 21, 2004 at 12:02:08PM -0500, Steve Wiltsie wrote:
> > Not to mention the fact that since it is an external file, what is
> > to keep someone from changing the file that carries the names?
> >
> > "No - I didn't create that record, Tommy did.  See the @CB"  after
> > he changes the file.  You'd have to play with the password file in
> > Unix to achieve the same level of obfuscation.
> 
> Are you also concerned about someone modifying the text-based Configuration
> File now?  If this was part of that, or handled similarly by filePro, what
> would be the difference - from a security standpoint?

On Windows?  Nothing.  That's sort of the point, here, I guess: do you
provide a change identification mechanism that you are aware can be
trivially spoofed, or do you *consciously* break it, so that people who
might foolishly depend on it... can't.

I actually rather prefer the latter approach.

My followup would be, if something like this *is* implemented, that to
turn it on, you ought to have to set PF_ENABLE_UNSAFE_WINDOWS_UID to YES or
something similar that puts the responsibility squarely in the
administrator's lap.  We call it a 'conscious act', in the security
business, and the snarky name of the suggested variable is the *main*
part of it.

Cheers,
-- jra
-- 
Jay R. Ashworth                                                jra at baylink.com
Member of the Technical Staff     Baylink                             RFC 2100
The Suncoast Freenet         The Things I Think
Tampa Bay, Florida        http://baylink.pitas.com             +1 727 647 1274

        "They had engineers in my day, too."  -- Perry Vance Nelson

