More PATH fallout. Who decided this was a good idea?
Les Mikesell
lesmikesell at gmail.com
Sun Dec 7 22:56:58 UTC 2008
Steve Grubb wrote:
>
>>> The utilities that would allow you to modify it cannot be accessed
>>> unless you are root.
>> Sounds like "when the algorithm is hidden, the crypto mechanism is
>> secure"...
>
> I wouldn't characterize it like that. It means that you have established
> proceedures that ensure the Security Objectives are met.
What does that mean? Why is it necessary to prevent anyone but root
from running the utility when in fact your security objectives can only
be met when the files the utility accesses can only be modified by root?
Which program is used to modify the file is pretty much irrelevant.
It is hard to take these concepts seriously when they add unnecessary cruft.
--
Les Mikesell
lesmikesell at gmail.com
More information about the fedora-devel-list
mailing list