Firewalls: Powerbroker.

Firewalls
(September 1994)

Indexed By Thread: [Previous] [Next]

Subject:	Powerbroker.
From:	Herb Peyerl <Herb . Peyerl @ sidney . novatel . ca>
Date:	Wed, 14 Sep 1994 09:29:11 -40962758 (MDT)
To:	firewalls @ greatcircle . com
Cc:	dan @ fsa . ca

[I've been forwarding the Powerbroker discussion to Dan Freedman of Freedman
Sharp and have received the following.  Arguably; this isn't related to 
discussion of Firewalls so I would imagine further discussion should probably
be taken offline in private mail.  Also; I'm in no way related to this company
other than a personal aquaintance.  ie: Don't shoot the messenger. :-) ]

Forwarded message:
: From dan @
 fsa .
 ca Wed Sep 14 09:06:53 1994
: X-Sender: dan @
 newt
: Message-Id: <aa9ccf090e021004745c @
 [192 .
 197 .
 97 .
 209]>
: Mime-Version: 1.0
: Content-Type: text/plain; charset="us-ascii"
: Date: Wed, 14 Sep 1994 09:17:26 -0700
: To: Herb Peyerl <Herb .
 Peyerl @
 sidney .
 novatel .
 ca>
: From: dan @
 fsa .
 ca (Dan Freedman)
: Subject: Re: The discussion continues....
: 
: Hi Herb,
:         Thanks for the forward. I have a couple of comments on this post,
: just in case anyone wants to jump in and defend PowerBroker. Thanks for
: keeping me up to date!
: 
:                 Dan
: 
: 
: 
: >: >Date: 9/12/94 6:33 PM
: >: >From: David Wolfskill
: >: >I would expect that a person with root access could modify any of:
: >:
: >: >* the audit trail iteslf;
: >: >* the programs that control who has access to what;
: >: >* the programs that create the audit trail; or
: >: >* the files that control who has access to what uids
: >:
: 
: Hmm. The interesting point is that root access is only typically granted on
: machines other than the one running pbmasterd (which also stores the log
: files and configuration files).
: 
: 
: Marcus (below) has a good idea, but not if you want to run anything
: interactive like a shell, or vi or emacs.
: 
: 
: 
: >
: >: From: Marcus J Ranum <mjr @
 tis .
 com>
: >: Date: Wed, 14 Sep 94 00:16:14 EDT
: >: Subject: Re: PowerBroker and root acc
: >:
: 
: 
: ________________________________________________________________________________
:          Dan Freedman,  Director,  Freedman Sharp and Associates Inc.
:          508, 1011 First Street SW, Calgary, Alberta, Canada T2R 1J2
:          phone (403) 264 4822, fax (403) 264 0873, email: dan @
 fsa .
 ca
: ________________________________________________________________________________
: 
:   ***************************************************************************
:   *See PowerBroker and FSA in San Diego at USENIX LISA, Sept. 21-22, booth 6*
:   ***************************************************************************

[End of forward]

hpeyerl @
 novatel .
 ca                           |  NovAtel Communications Ltd.
hpeyerl @
 fsa .
 ca                               | <nothing I say matters anyway>
 "A sucking chest wound is nature's way of telling you to slow down."

Indexed By Date	Previous:	Re: Classes on firewalls From: Mark . Hickey @ ov . com
Indexed By Date	Next:	Re: Classes on firewalls From: Howard Berkowitz <hcb @ clark . net>
Indexed By Thread	Previous:	Re: TIS on BSD/386 From: Frederick M Avolio <avolio @ tis . com>
Indexed By Thread	Next:	DNS on BAstion host From: "William D. Kramp" <krampwd @ snyflcc . fingerlakes . edu>