Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!accuvax.nwu.edu!delta.eecs.nwu.edu!phil From: phil@delta.eecs.nwu.edu (William LeFebvre) Newsgroups: comp.unix.wizards Subject: Re: Unix network security (was "CERT Internet Security Advisory") Message-ID: <1069@accuvax.nwu.edu> Date: 18 Aug 89 20:58:41 GMT References: <3855@fy.sei.cmu.edu> <1064@accuvax.nwu.edu> <3942@phri.UUCP> <4614@thor.acc.stolaf.edu> Sender: news@accuvax.nwu.edu Reply-To: phil@delta.eecs.nwu.edu (William LeFebvre) Organization: Northwestern U, Evanston IL, USA Lines: 28 In article <4614@thor.acc.stolaf.edu> mike@thor.stolaf.edu (Mike Haertel) writes: >Clearly, >systems should be designed to facilitate peoples' preferred ways of >working. They should also be designed to insure a certain amount of security to help guarantee their integrity for the legitimate users. >It is better to have to occasionally find and deal with a bad >guy than to cripple everyone just on the offhand chance that a bad guy >might cause trouble. The problem with that thinking is that by the time you find out the bad guy is being bad, it's too late. We were REAL lucky that Morris's worm wasn't designed to do any harm, removing files at random for example. If it had, then the results would have been absolutely catastrophic. What you're saying is: I don't want this lock on my door, because it's better to catch the burglar after he has broken in and stolen/destroyed everything than to force myself to lock and unlock the house every day just on the offhand chance that a bad guy might cause trouble. William LeFebvre Department of Electrical Engineering and Computer Science Northwestern University