Unix security additions

John P. Eisenmenger jpe at egr.duke.edu
Tue Apr 16 06:41:55 AEST 1991 

>From article <1991Apr15.163013.20421 at ux1.cso.uiuc.edu>, by edotto at ux1.cso.uiuc.edu (Ed Otto):
> jfh at rpp386.cactus.org (John F Haugh II) writes:

>>>Under this circumstances, would it be wise to trust the same people that
>>>they don't take the backup tapes and read them anywhere else?

>>If you don't have physical security (i.e., they can take the tapes
>>anywheres they want) and you can't trust your personnel, I'd suggest
>>you turn off the computer system and just give up.

Hmm.  This may seem like a silly idea, but could you set it up that
a user doesn't need root privileges to perform dumps and that the
dumps are encrypted so that only you could decrypt and read the data?
That way: 1, they don't need to know the root password; and 2, they
can't take and read a dump tape on another machine...  This would at
least allow you to offload dumps to someone else.

> Nice thought...in my case it's a combination lock on the door to the machine
> room that, two hours after it was installed, 46 people had the combination
> to...

Yes, combination locks are a total waste of expense.  I'm amazed at how
many people can't remember a 5-digit combination.  Unfortunately there
isn't a way to keep it from spreading like wildfire.

We use combination locks on our workstation rooms and were having the
above problem, so I looked into getting a magnetic card reader for the
door.  These have been installed throughout campus now (even on Coke
machines), so I thought it'd be a reasonable thing to have.  The Uni-
versity wanted about $3000 for the installation, plus $100/mo for
support.  All in all I wish we had keyed locks and charged a deposit
for the keys -- it'd be better all the way around.

>>Basically your complaint is that you must give privileges to people
>>that you can't trust not to abuse them, and that you can't control
>>the data once they've take it.  Sounds like you got a rather serious
>>problem on your hands.  Good luck.

> Yup...once the nasties are out and about your workplace, you've lost the whole
> war...I mean, anyone with su access can run the 'adduser' script...and once
> THAT happens, well, kiss it goodbye.

Not necessarily.  For example I use a piece of software that grabs the data
from protected files that I can keep offline and mount only when needed.  One
run of this software will freeze all unwarranted accounts, thus getting rid of
the meanies...  It also makes tracking classes, graduating students, etc. a
might bit easier.

-John

More information about the Comp.unix.admin mailing list