Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!swrinde!zaphod.mps.ohio-state.edu!sdd.hp.com!hplabs!hpcc01!hpcuhb!hpcllla!hpclisp!defaria@hpclapd.HP.COM
From: defaria@hpclapd.HP.COM (Andy DeFaria)
Newsgroups: comp.unix.questions
Subject: Re: How secure is UNIX? (Re: Stupid man pages)
Message-ID: <720018@hpclapd.HP.COM>
Date: 13 Jun 90 16:33:01 GMT
References: <1990May23.100928.10699@agate.berkeley.edu>
Organization: Hewlett-Packard Calif. Language Lab
Lines: 34

>/ hpclapd:comp.unix.questions / jik@athena.mit.edu (Jonathan I. Kamens) /  4:49 pm  Jun 12, 1990 /

>  Given all this, I think that any security which depends on the
>unreadibility of one file is flawed.

Yeah but what do you call leaving the file totally readable?  What would be
an unflawed security scheme?

As   fas as "a  system too  secure is  unusable" goes   I believe that  the
security of system should be set up  such that you have access  to the info
that you need and  are not allowed  to get  at  info that you don't need or
that would  compromise the security of  the  system.   The biggest problems
that I see to this set up is:

	1) Determining what all users need to be able to  access.   This is
	   done  initially  by   system  admin  BUT IT MUST  BE AN ON-GOING
	   ITERRATIVE AND  INTERACTIVE  PROCESS.  If  this  is not  carried
	   through properly the system does indeed become hard to use.

	2) Having  a system  admin that puts  up  stupid rules and barriers
	   under the name of security.  If  someone has a litgitimate (sp?)
	   need for   a   piece of  info then   there  shouldn't be  a  big
	   buerucratic  (sp?) process to  get  the  proper permissions   to
	   access the info.  If the system admin people start saying things
	   like "I can't allow you to look at  this... It's company policy"
	   then you're in trouble (especially when you  ask "Why?" and they
	   simply say "It's company policy".  I seriously believe  that any
	   person that does this should be shot!).

All in all if the system is set up right you  should only be accessing info
that  you need to access and  you should  have the capability to  access it
anyway.  If you are  attempting to access  info and you  can't it should be
because  you  probably don't need that  info and if  you really do, then it
should be a simple procedure to get access to it.