[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Savannah-hackers] Re: savannah account
From: |
Thien-Thi Nguyen |
Subject: |
[Savannah-hackers] Re: savannah account |
Date: |
27 Aug 2002 18:48:15 -0400 |
Mathieu Roy <address@hidden> writes:
Recently, after the fencepost compromission, many accounts permiting
full access to subversions that seemed useless were restricted. While
someone wants to use savannah, he normally does not need to have a
complete access to subversions. Giving to everyone shell account is
creating security holes.
Anyway, if someone need access to this computer for a reason or
another, he just have to say why. It doesn't seem weirdy, does it?
no, it's never wrong to ask, but sometimes it's easier to ask the
machine than to ask people. tb explains how to use grep in the next
mail, for example. by doing so you practice separation of the ideal
(shell account implies security hole so as a matter of policy it might
be better not to give out such accounts too readily) and the real (tb
already has a shell account from ages past for whatever reason). even a
god must look first before throwing lightning, no? even a god does not
demand the mossy rock to explain its moss.
This is not really an exception that someone have a particular
account and particular rights. But while someone have problems using
savannah, if he thinks he have a special access but havent any
informations about it, we can think that he does not really requires
this special access and so it is really possible that he does not
anymore have this special access.
everybody is special in their own eyes. because you can become root,
you have the best insight into how exactly they are special if at all.
whatever is possible and probable, you have the tools (or can write
them) to tell the full story both before your actions and after. to
implement the policy is to be a the shovel. to shape the policy
adaptively is to be the gardener. the gifted gardener follows the
instructions on the seed package but still finds a way to crawl around
and sniff out the peculiarities of his exceptional garden.
thi
- [Savannah-hackers] Re: savannah account, (continued)
- [Savannah-hackers] Re: savannah account, Mathieu Roy, 2002/08/24
- [Savannah-hackers] Re: savannah account, Thomas Bushnell, BSG, 2002/08/24
- [Savannah-hackers] Re: savannah account, Mathieu Roy, 2002/08/24
- [Savannah-hackers] Re: savannah account, Thomas Bushnell, BSG, 2002/08/24
- [Savannah-hackers] Re: savannah account, Thomas Bushnell, BSG, 2002/08/26
[Savannah-hackers] Re: savannah account, Thomas Bushnell, BSG, 2002/08/26
[Savannah-hackers] Re: savannah account, Thomas Bushnell, BSG, 2002/08/26
- [Savannah-hackers] Re: savannah account, Thien-Thi Nguyen, 2002/08/27
- [Savannah-hackers] Re: savannah account, Mathieu Roy, 2002/08/27
- [Savannah-hackers] Re: savannah account,
Thien-Thi Nguyen <=
- [Savannah-hackers] Re: savannah account, Thomas Bushnell, BSG, 2002/08/27
- [Savannah-hackers] Re: savannah account, Joel N. Weber II, 2002/08/27
[Savannah-hackers] Re: savannah account, Mathieu Roy, 2002/08/27
[Savannah-hackers] Re: savannah account, Gord Eagle, 2002/08/22