On Fri, 5 Aug 1994, Marcus J Ranum wrote:
> >In a few years we'll look back on these days and shudder
> >that we worked so hard to make Unix secure. The mere notion of
> >setuid programs and a superuser id prevent security from being possible!
>
> You need to improve your understanding of UNIX and system security.
>
> *MOST* operating systems have a superuser ID or privilege,
> except for ones like DOS that don't have it at all. *MOST* operating
> systems that have privileges have a setuid-like construct to permit
> trusted applications to cross boundaries.
To take this a bit farther: Either *everyone* is superuser (like DOS), or
*some* are superuser and some are not. To be fair, it is possible to
divide security responsibilities into multple partitions - i.e. to break
up superuser priviledges into multiple accounts. Suid programs, on the
other hand, are a terrific way for programmers to allow users to interact
with data in only a prescribed manner.
[Bad code can be written for good systems deleted]
> mjr.
>
----------------------------------------------------------------------------
It's *amazing* what one can accomplish when
one doesn't know what one can't do!
References:
|
|
