Path: utzoo!utgpu!watmath!uunet!ukma!cwjcc!tut.cis.ohio-state.edu!osu-cis!att!cuuxb!cuuxun!jhunix!ins_anmy From: ins_anmy@jhunix.JHU.EDU (Norman Yarvin) Newsgroups: unix-pc.general Subject: Re: /etc/shutdown permissions Message-ID: <295@jhunix.JHU.EDU> Date: 28 Nov 88 17:48:46 GMT References: <234@safari.UUCP> <1349@umbc3.UMD.EDU> <426@amanue.UUCP> <4272@encore.UUCP> <435@amanue.UUCP> Reply-To: ins_anmy@jhunix.UUCP (Norman Yarvin) Distribution: unix-pc Organization: JHU Lines: 33 In article <435@amanue.UUCP> jr@amanue.UUCP (Jim Rosenberg) writes: >... Good security means defense in depth. To quote Mark Twain: "Put all your eggs in one basket, and WATCH THAT BASKET!" This is the usual Unix metaphor for security: rectrict yourself to one level of defense, but make that level completely airtight. For instance, /etc/passwd is readable by the world. This is highly reasonable, as _the_ line of defense against password reading is the encryption of passwords. None other is needed. And the readability of the password file has the mental-attitude advantage that it focuses effort on the need for an uncrackable encryption algorithm. As emphasis, let me state that: - To have many imperfect levels of security is to have no security. - To have many imperfect levels and one perfect level of security is to have perfect security; but the imperfect levels might as well be bagged. - To have many perfect levels of security is to have perfect security, but again the extra perfect levels are surplus, and can be discarded. And it is possible, if one assumes the operating system to have no leaks, to have a perfect level of security (i.e. Unix with no setuid programs and no uid root daemons) Norman Yarvin (seismo!umcp-cs | allegra!hopkins) !jhunix!ins_anmy "Christmas -- the day when we celebrate the birth of a 2000 year old superstition by watching pine trees slowly die in our living rooms"