Re: Of mice and men

---

• From: mwojcik@xxxxxxxxxxx (Michael Wojcik)
• Date: 9 May 2005 17:44:57 GMT

---

In article <irUee.3045$w15.2716@xxxxxxxxxxxxxxxxxxxxxxx>, "jce" <defaultuser@xxxxxxxxxxx> writes:
>
> Someone could download something, install something as a root user and be
> _totally_ oblivious to the fact that now their machine has a security hole.
> Or is that impossible? Maybe they've fixed this up now, I don't hack so I
> don't really know.

Making it impossible for the superuser on a Unix system to create
security holes would make that OS no longer Unix. While some Unix
variants have reduced superuser privileges in limited ways (eg the
"immutable" file permissions bit), creating a "perfectly secure"
superuser would result in an OS that didn't even resemble Unix, much
less conform to the standard.

Unix isn't perfectly secure. It's not even very secure, compared to,
say, Plan 9 or OS/400 (when those are administered correctly). It's
often more secure than Windows, because Windows is often used in a
completely insecure manner.

And yes, users are often the weakest link. They assign trust where
it isn't warranted. They have poor data hygiene. They're susceptible
to social engineering. They're careless, forgetful, lazy; they take
shortcuts. They're frequently confused or wrong about proper security
practices. They're often deliberately malicious.

--
Michael Wojcik michael.wojcik@xxxxxxxxxxxxxx

"We are facing a dire shortage of clowns," said Erickson, also known as
Jingles.
.

---

• References:
  • Of mice and men
    • From: Pete Dashwood
  • Re: Of mice and men
    • From: Donald Tees
  • Re: Of mice and men
    • From: Pete Dashwood
  • Re: Of mice and men
    • From: jce
  • Re: Of mice and men
    • From: Pete Dashwood
  • Re: Of mice and men
    • From: Donald Tees
  • Re: Of mice and men
    • From: jce
  • Re: Of mice and men
    • From: Donald Tees
  • Re: Of mice and men
    • From: jce
  • Re: Of mice and men
    • From: Richard
  • Re: Of mice and men
    • From: jce

• Prev by Date: Re: Of mice and men
• Next by Date: Re: Of mice and men
• Previous by thread: Re: Of mice and men
• Next by thread: Re: Of mice and men
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Unix vs. Windows Security ... and b) security will mean Internet security. ... There are some core issues at the heart of the UNIX vs. Windows security ... Neither were ever designed to be secure. ... (comp.security.misc) Re: Unix vs. Windows for Security ... maintain in a secure environment. ... security problems. ... > Unix is a multiuser operating system, so out of the box it is far from ... > don't have that multiuser shell ability on Windows you have on Unix. ... (comp.security.unix) Re: Question Please Help! ... that is an opinion) unix made the right descition. ... thus having less bugs that may lead to security problems. ... > on Earth that runs on MS Windows or on Unix. ... > people, and thus are more secure (by means of, for example, a number ... (comp.security.unix) Re: Apple Computer sides with Satan ... >> not that secure. ... My experience with early Unix was that the computer was not that secure. ... > Granted, FreeBSD isn't a hardened OS, but it's reasonably secure. ... > XP security is reasonably good, ... (sci.astro.amateur) Re: compile+link Fujitsu Linux ... the Unix and Windows worlds. ... I wasn't trying to change your way of doing things, I was answering Charles' question. ... Security that depends on user ignorance is so 1980s. ... libraries was 'more secure'. ... (comp.lang.cobol)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

coding.derkeiler.com  > Archive  > Cobol  > comp.lang.cobol  > 2005-05