At 10:44 -0800, 10 Feb. 1998, Marilyn Davis <marilyn@deliberate.com> wrote:
> But honestly, the code itself is good. I may not know so much about
> security but I know a lot about serving data.
Any time that someone is able to pass data to a program operating with
a privilege that he/she does not have, security should be one of
the (if not *the*) primary concerns. And that is the case here: a user
feeds data to a program running on a machine that he/she doesn't have
access to.
There are some basic checks that definitely should (must) be done to
lessen the chances of a break-in. Many of these checks are not
necessary to ensure that the program operates correctly under normal
conditions, and so are not done by someone who is not thinking about the
security ramifications.
> As I understand you, this fixes the machine's security, which admittedly
> is of less concern to me than vote security.
If root on the machine is compromised, so is the vote (and, quite
possibly, much of the local network). The opposite is not true,
therefore the vote security is actually less important (although maybe
only slightly).
--
Aaron Schrab aaron@schrab.com http://www.execpc.com/~aarons/
To err is human -- to blame it on a computer is even more so.