home *** CD-ROM | disk | FTP | other *** search
- Newsgroups: comp.security.misc
- Path: sparky!uunet!elroy.jpl.nasa.gov!lambda.msfc.nasa.gov!news
- From: palmer@Trade_Zone.msfc.nasa.gov (Paul (Cliffy) Palmer)
- Subject: Re: Security vs usefulness (was Re: reasons
- Message-ID: <1992Dec14.211255.15839@lambda.msfc.nasa.gov>
- Sender: news@lambda.msfc.nasa.gov (Newsmaster)
- Nntp-Posting-Host: isabella.msfc.nasa.gov
- Reply-To: palmer@Trade_Zone.msfc.nasa.gov
- Organization: New Technology, Inc.
- References: <1992Dec14.173636.10834@ncsa.uiuc.edu>
- Date: Mon, 14 Dec 1992 21:12:55 GMT
- Lines: 28
-
- In article <WCS.92Dec13203554@rainier.ATT.COM> wcs@anchor.ho.att.com (Bill Stewart +1-908-949-0705) writes:
- >>
- >>The main job of security is to say "NO".
- >>The main job of Unix is to say "Yes".
- >
- >O.K., you agree in this point: The main job of Unix is to get the
- >user's work done.
- >The main job of security is to stop the user from getting his work
- >done.
-
- I disagree, security is not a win/lose scenario...granted when the
- security officer takes the easy way out when fixing a problem, the end
- user usually loses functionality or useability. But when the careful
- security officer carefully considers the situation, there is almost
- always a win/win solution.
-
- It is especially important to inform the users of changes mandated by
- security requirements and to provide them with methods to perform their
- duties that are not impacted by the change. Often the changes that are
- necessary do not impact the user at all (like activating auditing, or
- applying the NIS patch to implement "securenets").
-
- System security is one of the toughest jobs I have ever performed, which
- consequently makes it one of the easiest to perform badly.
-
- ---
- Paul (Cliffy) Palmer
-
-