Should openSUSE review it's Security Policies?

classic Classic list List threaded Threaded
207 messages Options
1234567 ... 11
Reply | Threaded
Open this post in threaded view
|

Re: Should openSUSE review it's Security Policies?

Roger Oberholtzer
On Thu, 2012-03-01 at 07:59 -0500, James Knott wrote:

> Roger Oberholtzer wrote:
> >> How does it solve the problem if an employer doesn't want to give
> >> >  employees root access, but expects them you be able to use WiFi?
> > Hmm. I use WiFi in three offices, hotels, home, and wherever. On KDE I
> > set it up via network manager. I am never root for that. Same with wired
> > connections. I think the problem is that network manager seems to have
> > gone through a bad stretch where it could, in some updates, stop
> > working. That, for wifi on openSUSE, is the issue. I do not know if the
> > gnome equivalent has had such a seemingly turbulent recent history.
>
> In 12.1, you need root password to initially configure a WiFi
> connection.  Once that's done, you can use it without root password.  
> Earlier versions did not require root password to establish a connection.

Do you mean in YaST where you say you want it to be managed by ifup or
by the user? Isn't that selectable when the OS in initially installed?
If the installer person selects that it is to be controlled by the user,
then that is that.

We do our installs from OEM images we create with KIWI. There we have
set the defaults so the installer person does not even have to get it
right. But in the standard openSUSE installer, I really think this is
available. I may be wrong.


Yours sincerely,

Roger Oberholtzer

OPQ Systems / Ramböll RST

Office: Int +46 10-615 60 20
Mobile: Int +46 70-815 1696
[hidden email]
________________________________________

Ramböll Sverige AB
Krukmakargatan 21
P.O. Box 17009
SE-104 62 Stockholm, Sweden
www.rambollrst.se


--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Should openSUSE review it's Security Policies?

Roger Oberholtzer
In reply to this post by Per Jessen-2
On Thu, 2012-03-01 at 13:02 +0100, Per Jessen wrote:
> Roger Oberholtzer wrote:
>
> > Well, these suppliers provide, quite often, QT apps that allow one to
> > configure their devices. They need to first locate them. A network
> > broadcast is what they would like to do. Except on Linux this requires
> > root permissions.
>
> I'm not at all sure, but isn't this managed with capabilities?  There is
> a CAP_NET_BROADCAST (although the man page says "unused").

You have my attention. Where is this?


Yours sincerely,

Roger Oberholtzer

OPQ Systems / Ramböll RST

Office: Int +46 10-615 60 20
Mobile: Int +46 70-815 1696
[hidden email]
________________________________________

Ramböll Sverige AB
Krukmakargatan 21
P.O. Box 17009
SE-104 62 Stockholm, Sweden
www.rambollrst.se


--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Should openSUSE review it's Security Policies?

James Knott
In reply to this post by Roger Oberholtzer
Roger Oberholtzer wrote:
> Do you mean in YaST where you say you want it to be managed by ifup or
> by the user? Isn't that selectable when the OS in initially installed?
> If the installer person selects that it is to be controlled by the user,
> then that is that.

The KDE network manager requires root password to configure a WiFi
conntection.  This means that when I try to use a new WiFi access point,
I have to create the connection with the root password.  On my own
computer, this is not an issue, as I know the root password.  In a
corporate environment, it's a killer.

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Should openSUSE review it's Security Policies?

Per Jessen-2
In reply to this post by Roger Oberholtzer
Roger Oberholtzer wrote:

> On Thu, 2012-03-01 at 13:02 +0100, Per Jessen wrote:
>> Roger Oberholtzer wrote:
>>
>> > Well, these suppliers provide, quite often, QT apps that allow one
>> > to configure their devices. They need to first locate them. A
>> > network broadcast is what they would like to do. Except on Linux
>> > this requires root permissions.
>>
>> I'm not at all sure, but isn't this managed with capabilities?  There
>> is a CAP_NET_BROADCAST (although the man page says "unused").
>
> You have my attention. Where is this?
>

Well, maybe start with "man capabilities".  I think that is where I saw
CAP_NET_BROADCAST mentioned.  I have never played with any of this, but
my understanding is that you can manage various capabilities on a
per-process or per-user basis.  I'm grasping at straws, but I'm sure
somebody here will have an actual understanding of this.



--
Per Jessen, Zürich (11.2°C)

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Should openSUSE review it's Security Policies?

Johannes Meixner
In reply to this post by Roger Oberholtzer

Hello,

On Mar 1 12:18 Roger Oberholtzer wrote (excerpt):
> ... the root problem (pun intended) remains. What is
> needed is a general approach to these permissions.

If the use case is "printer setup on my own machine",
I think - but I am not at all a security expert - it should
be an acceptable solution when the normal user's password
and the root password are the same so that from the user's
point of view there is just one password i.e. THE password.

Then configuration changes could still require THE password
which is - from my point of view - sufficiently easy to use
and sufficiently secure because:

- The owner of the machine can do any configuration changes,
   he only must provide THE password.

- The owner of the machine cannot do configuration changes
   by accident because he must provide THE password.

- Arbitrary persons who get access to the machine cannot
   do configuration changes (i.e. arbitrary persons cannot
   hijack the machine when it is running unattended).

As far as I noticed what other wrote in this thread, this could
be even already the default when installing an openSUSE system.

If yes I wonder what the whole discussion is about?

Does anybody really want that arbitrary persons are allowed
by default to do configuration changes?

I assume nobody wants this.

Therefore I assume what is wanted is that not only one person
is allowed by default to do configuration changes but that
it is possible to allow particular other users (e.g. the
owner of the machine and his best friend) to do particular
configuration changes.

As far as I know this is currently not possible.

If this is wanted, a FATE feature request should help...

Hint:
https://features.opensuse.org/


> As to the printer things: isn't it mainly configuration file
> access that is the problem?

No.

Print queue related configuration files are written by the cupsd
which has the right permissions to deal with its own files.

Please see the documentation, in particular have a look at
"General information on the command-line tools" and
"Allow printer admin tasks for a normal user" at
http://en.opensuse.org/SDB:CUPS_in_a_Nutshell

Regarding CUPS policies, have a look at the YaST printer module.


By the way:

As far as I understand  Vincent Untz' comment
https://bugzilla.novell.com/show_bug.cgi?id=749451#c3
this could be - from my point of view - a major security issue
when the Gnome desktop printer setup tool system-config-printer
does not work in compliance with the CUPS "Operation Policies"
but uses instead its own kind of "provide admin permissions"
tool cups-pk-helper.

Assume someone has set up his own computer and thinks it is
secure against configuration changes so that he can let
someone else work on his computer - but actually this other
person can change the print queues via the Gnome desktop
so that all (possibly confidential) print jobs print as usual
(so that the betrayal is not easily noticed) but additionally
it sends a copy of what is printed to an external destination.

I hope that by default this is currently not possible
but I think many ask for such a default.

And vice versa:
Assume someone has set up the CUPS operation policy
"allowallforanybody" so that anyone can do any printing stuff
but this does not work under the Gnome desktop because
the Gnome desktop printer stuff does not work in compliance
with the CUPS "Operation Policies".

I did not test if this is actually the case.

I only like to point out that it is in general a bad idea
when a desktop environment would do such stuff on its own.

Generally:
It is a very bad idea when whatever kind of higher-level programs
do not work in compliance with the underlying lower-level stuff.


Kind Regards
Johannes Meixner
--
SUSE LINUX Products GmbH -- Maxfeldstrasse 5 -- 90409 Nuernberg -- Germany
HRB 16746 (AG Nuernberg) GF: Jeff Hawn, Jennifer Guild, Felix Imendoerffer
--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Should openSUSE review it's Security Policies?

Carlos E. R.-2
In reply to this post by lynn-32
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 2012-03-01 09:24, lynn wrote:

>> Wireshark uses promiscuous mode and should be root only.
>>
> But on ubuntu, I can run it as a user. Can I do that on 12.1?

You can probably suid the binary.

- --
Cheers / Saludos,

                Carlos E. R.
                (from 11.4 x86_64 "Celadon" at Telcontar)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/

iEYEARECAAYFAk9PiRMACgkQIvFNjefEBxr/QQCffAOpwXbGXCoPd0YXL4MLePeg
hj0AoMH/H8aQ3jvZ2mr1y60Twqde/if0
=8G6d
-----END PGP SIGNATURE-----
--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Should openSUSE review it's Security Policies?

Dave Howorth
In reply to this post by Jim Henderson-4
Jim Henderson wrote:

> On Wed, 29 Feb 2012 22:14:09 +0100, Marcus Meissner wrote:
>
>>> I've worked with Linus on a hardware issue years ago, and I think we
>>> should probably at least consider reviewing the policies if they do
>>> need changed.
>> He should stop asking us to commit suicide first.
>
> Just because he expressed himself poorly doesn't mean he doesn't have a
> valid point, Marcus.  We shouldn't ignore the point just because it was
> poorly expressed.

I think there may be a cultural issue here. If Linus and Marcus worked
for a European company, Linus would be open to a disiplinary offence of
harrassment.

Marcus didn't ignore Linus' point. He simply asked to be treated with
respect.
--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Should openSUSE review it's Security Policies?

Roger Oberholtzer
In reply to this post by James Knott
On Thu, 2012-03-01 at 08:35 -0500, James Knott wrote:

> Roger Oberholtzer wrote:
> > Do you mean in YaST where you say you want it to be managed by ifup or
> > by the user? Isn't that selectable when the OS in initially installed?
> > If the installer person selects that it is to be controlled by the user,
> > then that is that.
>
> The KDE network manager requires root password to configure a WiFi
> conntection.  This means that when I try to use a new WiFi access point,
> I have to create the connection with the root password.  On my own
> computer, this is not an issue, as I know the root password.  In a
> corporate environment, it's a killer.

I have to check this at home tonight. Perhaps I whip out the root
password without thinking. (Great security, that). But my feeling is
that root access is only needed to set a new wireless interface (the
bits in the laptop) to be ifup or user managed. After that, if user
access was selected, the interface can connect to new access points
under user control. Hmm.


Yours sincerely,

Roger Oberholtzer

OPQ Systems / Ramböll RST

Office: Int +46 10-615 60 20
Mobile: Int +46 70-815 1696
[hidden email]
________________________________________

Ramböll Sverige AB
Krukmakargatan 21
P.O. Box 17009
SE-104 62 Stockholm, Sweden
www.rambollrst.se


--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Should openSUSE review it's Security Policies?

Roger Oberholtzer
In reply to this post by Dave Howorth
On Thu, 2012-03-01 at 14:46 +0000, Dave Howorth wrote:

> Jim Henderson wrote:
> > On Wed, 29 Feb 2012 22:14:09 +0100, Marcus Meissner wrote:
> >
> >>> I've worked with Linus on a hardware issue years ago, and I think we
> >>> should probably at least consider reviewing the policies if they do
> >>> need changed.
> >> He should stop asking us to commit suicide first.
> >
> > Just because he expressed himself poorly doesn't mean he doesn't have a
> > valid point, Marcus.  We shouldn't ignore the point just because it was
> > poorly expressed.
>
> I think there may be a cultural issue here. If Linus and Marcus worked
> for a European company, Linus would be open to a disiplinary offence of
> harrassment.

Luckily for Linus such things never happen in the far less bureaucratic
US (where he is working) ;)

> Marcus didn't ignore Linus' point. He simply asked to be treated with
> respect.

Although they say you attract more flies with honey than with vinegar,
you collect even more with s**t. Hard to predict what gets any task
done.


Yours sincerely,

Roger Oberholtzer

OPQ Systems / Ramböll RST

Office: Int +46 10-615 60 20
Mobile: Int +46 70-815 1696
[hidden email]
________________________________________

Ramböll Sverige AB
Krukmakargatan 21
P.O. Box 17009
SE-104 62 Stockholm, Sweden
www.rambollrst.se


--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Should openSUSE review it's Security Policies?

Roger Oberholtzer
In reply to this post by Carlos E. R.-2
On Thu, 2012-03-01 at 15:34 +0100, Carlos E. R. wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 2012-03-01 09:24, lynn wrote:
>
> >> Wireshark uses promiscuous mode and should be root only.
> >>
> > But on ubuntu, I can run it as a user. Can I do that on 12.1?
>
> You can probably suid the binary.

Yikes. To get perhaps one root capability, you give the application the
world. Quite generous. As they say, with great power comes great
responsibility. I just don't trust the general non-buggy-ness of things.
Fine grained permissions seem a bit more secure.


Yours sincerely,

Roger Oberholtzer

OPQ Systems / Ramböll RST

Office: Int +46 10-615 60 20
Mobile: Int +46 70-815 1696
[hidden email]
________________________________________

Ramböll Sverige AB
Krukmakargatan 21
P.O. Box 17009
SE-104 62 Stockholm, Sweden
www.rambollrst.se


--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Should openSUSE review it's Security Policies?

Lars Müller
In reply to this post by Johannes Meixner
On Thu, Mar 01, 2012 at 02:53:26PM +0100, Johannes Meixner wrote:

>
> On Mar 1 12:18 Roger Oberholtzer wrote (excerpt):
> >... the root problem (pun intended) remains. What is
> >needed is a general approach to these permissions.
>
> If the use case is "printer setup on my own machine",
> I think - but I am not at all a security expert - it should
> be an acceptable solution when the normal user's password
> and the root password are the same so that from the user's
> point of view there is just one password i.e. THE password.
>
> Then configuration changes could still require THE password
> which is - from my point of view - sufficiently easy to use
> and sufficiently secure because:
>
> - The owner of the machine can do any configuration changes,
>   he only must provide THE password.
Even with a single user you might not like to share the root password.

> - The owner of the machine cannot do configuration changes
>   by accident because he must provide THE password.

And exactly this password is intendend even not to be shared.  You
addressed an issue which was not discussed. ;)

> - Arbitrary persons who get access to the machine cannot
>   do configuration changes (i.e. arbitrary persons cannot
>   hijack the machine when it is running unattended).
>
> As far as I noticed what other wrote in this thread, this could
> be even already the default when installing an openSUSE system.
>
> If yes I wonder what the whole discussion is about?
>
> Does anybody really want that arbitrary persons are allowed
> by default to do configuration changes?
The discussiion is not about arbitrary people.  It's about existing
users which must not have root access.

More and more I believe printing with Linux is a great attempt to save
our woods. ;)

> I assume nobody wants this.
>
> Therefore I assume what is wanted is that not only one person
> is allowed by default to do configuration changes but that
> it is possible to allow particular other users (e.g. the
> owner of the machine and his best friend) to do particular
> configuration changes.
>
> As far as I know this is currently not possible.
>
> If this is wanted, a FATE feature request should help...
>
> Hint:
> https://features.opensuse.org/
Oh the feature pat cemetry.  That's such a good place to get people shut
up. ;)  I'm quite sure if it got filed there we'll see it addressed in
2020.  Maybe.

Wouldn't it be much easier to allow all local users to modify the cups
configuration if the administrator prefers this?

Wouldn't be adding the group named users, where all local users are a
member of, by default to the SystemGroup enough?

cupsd runs as root.  Therefore the suggested approach might scare the
security team.  But this might get the issue solved and we might add a
warning and it might open the door less than giving the root password to
the user.

Again, we should not set this by default. But on request by the adim
from inside the YaST install/ printer setup dialog.

Lars
--
Lars Müller [ˈlaː(r)z ˈmʏlɐ]
Samba Team
SUSE Linux, Maxfeldstraße 5, 90409 Nürnberg, Germany

attachment0 (197 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Should openSUSE review it's Security Policies?

James Knott
In reply to this post by Johannes Meixner
Johannes Meixner wrote:
> If the use case is "printer setup on my own machine",
> I think - but I am not at all a security expert - it should
> be an acceptable solution when the normal user's password
> and the root password are the same so that from the user's
> point of view there is just one password i.e. THE password.

Not in the corporate world.  Business employees generally do not get
root or admin access to their computers.  The whole idea of root vs user
is to limit what a user can do.  If they have the root password, you've
lost that.

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Should openSUSE review it's Security Policies?

Jim Henderson-4
In reply to this post by lynn-32
On Thu, 01 Mar 2012 08:59:23 +0100, lynn wrote:

>  On openSUSE only root can launch it. Or at least I've not found a
> way to do it

No, on openSUSE non-root users can launch it (I did earlier today on
12.1) - but they cannot start a capture.  You have to be root to capture,
but you can open saved capture files without being root.

Jim

--
 Jim Henderson
 Please keep on-topic replies on the list so everyone benefits

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Should openSUSE review it's Security Policies?

Jim Henderson-4
In reply to this post by Per Jessen-2
On Thu, 01 Mar 2012 14:52:43 +0100, Per Jessen wrote:

> Well, maybe start with "man capabilities".  I think that is where I saw
> CAP_NET_BROADCAST mentioned.  I have never played with any of this, but
> my understanding is that you can manage various capabilities on a
> per-process or per-user basis.  I'm grasping at straws, but I'm sure
> somebody here will have an actual understanding of this.

From what I understand, kernel capabilities are disabled selectively -
you start a program as root and it has access to everything, and then the
program (perhaps also an external process can do this - that I don't
know) disables what the program shouldn't be allowed to do.

Jim

--
 Jim Henderson
 Please keep on-topic replies on the list so everyone benefits

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Should openSUSE review it's Security Policies?

Jim Henderson-4
In reply to this post by James Knott
On Thu, 01 Mar 2012 14:27:17 -0500, James Knott wrote:

> Business employees generally do not get root or admin access to their
> computers.

Arguably, working around that is trivial regardless of the OS.  There
really is no security when the user has physical control of the device,
regardless of the OS.

With Linux, give anyone a grub menu and nothing else, and it's trivial to
get to a root prompt and change the root password.

Jim

--
 Jim Henderson
 Please keep on-topic replies on the list so everyone benefits

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Should openSUSE review it's Security Policies?

Jim Henderson-4
In reply to this post by jdd@dodin.org
On Thu, 01 Mar 2012 09:21:46 +0100, jdd wrote:

> Le 01/03/2012 00:33, Jim Henderson a écrit :
>> On Thu, 01 Mar 2012 00:23:02 +0100, jdd wrote:
>>
>>> did somebody yet notice that default install is with root passwd
>>> identical to user passwd?
>>
>> Identical to the initial user password.  On multiuser systems, the user
>> passwords aren't all valid for root, obviously. :)
>>
>> Jim
>
> je use case was single user (linus daughter)

Sure, but in terms of overall security policy, single user isn't the only
use case to be considered.

Jim
--
 Jim Henderson
 Please keep on-topic replies on the list so everyone benefits

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Should openSUSE review it's Security Policies?

James Knott
In reply to this post by Jim Henderson-4
Jim Henderson wrote:

> On Thu, 01 Mar 2012 14:27:17 -0500, James Knott wrote:
>
>> Business employees generally do not get root or admin access to their
>> computers.
> Arguably, working around that is trivial regardless of the OS.  There
> really is no security when the user has physical control of the device,
> regardless of the OS.
>
> With Linux, give anyone a grub menu and nothing else, and it's trivial to
> get to a root prompt and change the root password.
>
> Jim
>

I guess you've never worked in a corporate environment, where employees
can be disiplined for violating IT policy.  If you "work around"
something like a root or admin password, then you're inviting
disiplinary action.  In general, corporate employees do not get root or
admin password and for good reason.

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Should openSUSE review it's Security Policies?

Carlos E. R.-2
In reply to this post by Roger Oberholtzer
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 2012-03-01 16:18, Roger Oberholtzer wrote:
> On Thu, 2012-03-01 at 15:34 +0100, Carlos E. R. wrote:

>> You can probably suid the binary.
>
> Yikes. To get perhaps one root capability, you give the application the
> world. Quite generous. As they say, with great power comes great
> responsibility. I just don't trust the general non-buggy-ness of things.
> Fine grained permissions seem a bit more secure.

There is no other way of running it, and this is the kernel fault.

Perhaps it could be made a two part program: a small one running as root
and doing the capturing part, and another doing the gui and processing. But
this doesn't exist.

And on wireshark now and then there have been found security holes.

- --
Cheers / Saludos,

                Carlos E. R.
                (from 11.4 x86_64 "Celadon" at Telcontar)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org/

iEYEARECAAYFAk9P2/8ACgkQIvFNjefEBxqCjgCgn+Ypnn+GR+q8RR8HmX+Hr7PO
omkAoJ/QmVjrC5LT9H0jsP8+miM0q5+F
=zRgS
-----END PGP SIGNATURE-----
--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Should openSUSE review it's Security Policies?

Tony Alfrey
In reply to this post by James Knott
James Knott wrote:

> Jim Henderson wrote:
>> On Thu, 01 Mar 2012 14:27:17 -0500, James Knott wrote:
>>
>>> Business employees generally do not get root or admin access to their
>>> computers.
>> Arguably, working around that is trivial regardless of the OS.  There
>> really is no security when the user has physical control of the device,
>> regardless of the OS.
>>
>> With Linux, give anyone a grub menu and nothing else, and it's trivial to
>> get to a root prompt and change the root password.
>>
>> Jim
>>
>
> I guess you've never worked in a corporate environment, where employees
> can be disiplined for violating IT policy.  If you "work around"
> something like a root or admin password, then you're inviting
> disiplinary action.  In general, corporate employees do not get root or
> admin password and for good reason.
>

Once, in a corporate environment, I re-partitioned the "corporate"
Windows box and installed Caldera Linux on the other partition so I
could actually "use" the box.
I think that linux may /still/ be on that box unbeknownst to the IT guy.
;-)





--
Tony Alfrey
[hidden email]
"I'd Rather Be Sailing"
--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Should openSUSE review it's Security Policies?

Jim Henderson-4
In reply to this post by James Knott
On Thu, 01 Mar 2012 15:26:47 -0500, James Knott wrote:

> Jim Henderson wrote:
>> On Thu, 01 Mar 2012 14:27:17 -0500, James Knott wrote:
>>
>>> Business employees generally do not get root or admin access to their
>>> computers.
>> Arguably, working around that is trivial regardless of the OS.  There
>> really is no security when the user has physical control of the device,
>> regardless of the OS.
>>
>> With Linux, give anyone a grub menu and nothing else, and it's trivial
>> to get to a root prompt and change the root password.
>>
>> Jim
>>
>>
> I guess you've never worked in a corporate environment, where employees
> can be disiplined for violating IT policy.  

I spent 15 years working in corporate IT environments as a systems
engineer, with company sizes ranging from < 200 employees to > 250,000
employees.

Just because employees can be disciplined for violating IT policy doesn't
mean (a) that they don't work around security measures put in place, or
(b) that such discipline actually happens, even though it's a
possibility.  The threat of action is usually sufficient to keep most
employees in line, but there are always those who flaunt the policies
(some very visibly) either because they feel they're untouchable or
because - believe it or not - they *are* untouchable (ever had an
executive who felt that because it was his company, he shouldn't be
subject to the rules?  I have.  Just try and have disciplinary action
taken against people in management - in a lot of companies, that's a way
to get sacked.)

> If you "work around"
> something like a root or admin password, then you're inviting
> disiplinary action.  In general, corporate employees do not get root or
> admin password and for good reason.

Sure, they don't, but not everybody plays by the rules, and not everybody
is required to play by the rules.

Jim

--
 Jim Henderson
 Please keep on-topic replies on the list so everyone benefits

--
To unsubscribe, e-mail: [hidden email]
To contact the owner, e-mail: [hidden email]

1234567 ... 11