info-cvs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CVS access control


From: Greg A. Woods
Subject: Re: CVS access control
Date: Wed, 26 Sep 2001 21:18:58 -0400 (EDT)

[ On Wednesday, September 26, 2001 at 17:01:25 (-0400), address@hidden wrote: ]
> Subject: Re: CVS access control
>
> By definition, "security" is about preventing malicious "users" from doing
> harm.  It's not about avoiding accidents by careless users.  For example,
> would you consider a knotted rope tying my door shut to be any sort of
> security since it avoids accidental openings?

This I must pick a nit with.  :-)

One of the three corner-stones of security is "integrity".  Good
security not only prevents malicious damage, but also accidental
damage.

(eg. that's why everyone always warns not to do "stuff" as root unless
such a level of privilege is absolutely necessary to succeed)

-- 
                                                        Greg A. Woods

+1 416 218-0098      VE3TCP      <address@hidden>     <address@hidden>
Planix, Inc. <address@hidden>;   Secrets of the Weird <address@hidden>



reply via email to

[Prev in Thread] Current Thread [Next in Thread]