[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [K12OSN] Security Alert - gcc was: Instant Messanger



Steve Wright wrote:

On Fri, 2003-10-03 at 13:16, Terrell Prude', Jr. wrote:

/Just one concern. Folks could still download the gaim src from, say, Sourceforge, unpack it in /home/studentdir, and compile/run it. So, I would also recommend doing chmod 500 on /usr/bin/gcc, /usr/bin/g++, and /usr/bin/make. Those who actually know how to install a compiler in their home directories are folks that you will have trouble stopping in any case (not impossible, just challenging). But this ought to take care of 99.9% of 'em. /


uhh, yeah this is important. I gave a shell to one young fella, and his .bash_history read like a horror movie.
<snip>
/sw

<soapbox>
Now wait a minute folks. If you think gcc, make, etc. are the only way people can execute undesirable/harmful code, think again. Do you also prevent them from running perl, python, shell scripts? This process goes on and on, without really preventing irresponsible behavior. In the meantime, you've removed much of the utility of the environment, and all of the possibility of learning about programming, compilers, interpreted languages, etc. I take it there are no programming classes offered in your schools.


Responsible behavior can't be taught or enforced with permissions settings. We should prevent people from doing harm by configuring secure systems and networks, then educate kids as to what behavior is expected and hold them accountable for their actions.
</soapbox>


--
--------------------------------------------------------
  "Oh scholar, if your scholarship benefits not Mankind,
   you deserve not admiration but contempt." -- Kahlil Gibran





[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]