Re: Executing a file remotely

From: Ben Finney (bignose-hates-spam_at_and-benfinney-does-too.id.au)
Date: 02/12/04

• Next message: robsom: "Re: splitting tables"
• Previous message: Cameron Laird: "Re: Executing a file remotely"
• In reply to: Cameron Laird: "Re: Executing a file remotely"
• Next in thread: Hank: "Re: Executing a file remotely"
• Reply: Hank: "Re: Executing a file remotely"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

Date: 12 Feb 2004 11:20:30 +1050

On Thu, 12 Feb 2004 00:29:42 -0000, Cameron Laird wrote:
> I believe soundwave56 is focused on Windows hosts. There, the correct
> initial answer to, "how would I execute a file remotely?" is, through
> a security breach.

No, the correct answer (on any operating system) is "through a
remote-execution facility". "Security breach" is dependent on the
security policy in place; remote execution can be a perfectly
permissible operation, or a serious breach of security, depending on
the specific circumstances and what the security policy allows.

> That's a serious answer. Operating systems are not *supposed* to
> allow "outsiders" to execute processes.

Utter rot. Operating systems are supposed to do what the person owning
the hardware tells them to do.

Whether "outsiders" are allowed to execute programs on the operating
system is entirely dependent on how you define "outsiders". Some
operating systems are designed to treat remote users and local users
identically; on such systems, "outsider" is not a function of "remote or
local", but rather "permitted or not permitted".

On other operating systems, multiple-user and networking is a bolt-on
afterthought, and an unnecessary line is drawn between local and remote
users. The availability of smooth, simple remote-execution facilities
on such operating systems will likely be poor.

-- 
 \       "When a well-packaged web of lies has been sold to the masses |
  `\    over generations, the truth will seem utterly preposterous and |
_o__)                 its speaker a raving lunatic."  -- Dresden James |
Ben Finney <http://bignose.squidly.org/>

---

• Next message: robsom: "Re: splitting tables"
• Previous message: Cameron Laird: "Re: Executing a file remotely"
• In reply to: Cameron Laird: "Re: Executing a file remotely"
• Next in thread: Hank: "Re: Executing a file remotely"
• Reply: Hank: "Re: Executing a file remotely"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

Relevant Pages Re: Executing a file remotely ... security breach because it does require user name and password. ... Operating systems are supposed to do what the person owning ... > operating systems are designed to treat remote users and local users ... (comp.lang.python) [dwheeler@IDA.ORG: DARPA BAA #01-24 - funding security research for open source OSs.] ... DARPA BAA #01-24 - funding security research for open source OS's. ... operating systems, the U.S. DARPA has released a "Broad Area Announcement" ... (FreeBSD-Security) RE: protect MS Windows 95/98/Me ... tech savvy individuals, bypassing those policies ... Microsoft products) does not exist on Windows 9x ... > There is no security features in win9x OS. ... > operating systems. ... (Security-Basics) Re: [Full-Disclosure] Support the Sasser-author fund started ... >>Why should Microsoft have more blame? ... > was put together without security in mind. ... > and cases where worms and viruses have been created for them (cf. the ... MS operating systems weren't really designed with security in mind ... (Full-Disclosure) Re: How NSA access was built into Windows ... By arguing that secure operating systems are indispensable to system ... security, the authors hope to spawn a renewed interest in operating ... is important that mechanisms exist to report violations of that security ... (Fedora)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(13)