Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: What could have been done differently?

  • From: Scott Francis
  • Date: Wed Jan 29 15:13:26 2003

On Wed, Jan 29, 2003 at 10:47:30AM -0800, matt@snark.net said:
> On Tue, 28 Jan 2003, Scott Francis wrote:
> 
>   He argued instead that OSes should be redesigned to implement the
>   principle of least privilege from the ground up, down to the
>   architecture they run on.
> 
> [...]
> 
>   The problem there is the same as with windowsupdate - if one can spoof the
>   central authority, one instantly gains unrestricted access to not one, but
>   myriad computers.
> 
> [...]
> 
>   So far, the closest thing I've seen to this concept is the ssh
>   administrative host model: adminhost:~root/.ssh/id_dsa.pub is
>   copied to every targethost:~root/.ssh/authorized_keys2, such that
>   commands can be performed network-wide from a single station.
> 
> Do you even read what you write? How does a host with root access to
> an entire set of hosts exemplify the least privilege principle?

Your selections from my post managed to obscure the fact that I was making
more than one point. I did _not_ state that the ssh key mgmt system outlined
above exemplifies least privilege. I was merely making a comparison between
that model and the topic under discussion, central
administrative/authenticating authorities. Additionally, the section higher
up regarding least privilege was in connection with OS design, and was quoted
from another author's presentation at ToorCon last year. You're stringing
together statements on disparate subjects and then jumping to conclusions.

Please do not put words into my mouth.

> matto
> 
> --mghali@snark.net------------------------------------------<darwin><

-- 
-= Scott Francis || darkuncle (at) darkuncle (dot) net =-
  GPG key CB33CCA7 has been revoked; I am now 5537F527
        illum oportet crescere me autem minui

Attachment: pgp00034.pgp
Description: PGP signature




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.