Mailinglist Archive: opensuse-factory (564 mails)
[opensuse-factory] Re: [opensuse-kernel] debugfs mounted by default - necessary to remove?
- From: Linda Walsh <suse@xxxxxxxxx>
- Date: Wed, 07 Dec 2011 10:44:55 -0800
- Message-id: <4EDFB427.3070906@tlinx.org>
Cristian Rodríguez wrote:
> On 07/12/11 10:49, Marcus Meissner wrote:
>> "principle of least privilege" is probably the better wording.
>
> Which usually becomes the "principle of least possible usability" :-(
----
Bingo.
Principle of least privilege is great for systems designed to constrain and control users. You want to keep users under your thumb and allow them nothing unless they need it. That's how the US government is becoming...
The alternative is 'freedom' -- and educating users how to responsibly use that freedom. But in doing that -- you create users with more 'self power' -- not good if you are trying to center/gather power at the top.
The US was built in an attempt to create a shared and distributed, on the idea that it would grow best by giving local authorities carte blanche except in key areas needed to be controlled by the central authority.
Unix was created in the same spirit -- to enable people .. not to control them (look to VMS/ IBM for those OS's). Those controlling OS's are all but dead, and the innovation coming from those under those systems is likely VERY different from the level of innovation of someone developing on an open platform.
In short. A desire for a 'controlled/controlling' system to be the 'default' is a reflection of wanting to dominate and control users -- which will lead to lower productivity (which has happened in the US as more freedoms were taken by the government (and made illegal), the US's economy has suffered -- instead of finding fulfillment through work and acquiring new knowledge, people are encouraged to have fun in beer football, and playing politics to see who can become the most powerful (at the expense of the rest of the players).
Linux/Unix is designed to be open as it was designed to be LEARNED from. We don't want to hide things by *default* ... (which says nothing about making it have the ability to be configured 'closed' -- flexibility and configurability are good things). But the default configuration going out to users -- should be 'open' and transparent. And importantly -- an open source allows end users to discover flaws and more quickly fix them and/or work around them, vs. closed source OS's like *R*X, that had 10's of thousands of bugs filed against it (many from internal people). But policy was to only fix those bugs when a paying customer found them.
The most secure system is one that is open and transparent -- where everyone can see the security code -- but even knowing the formulae, doesn't give them access, or benefit, as the algorithms create authentication tokens on the fly that are not decipherable/decryptable in any useful time period.
I.e. it's security through good design, vs. security through obscurity -- and yes, a closed up system is a form of security through obscurity.... you may not be hiding passwords in the code, but you are hiding algorithms in the code, that, in well designed ones, don't give you any advantage. Their advantage is in the algorithm, not whether or not the algorithm is known.
Please think about that Marcus. I'm 100% with you in having the *options* for strong hardening present, but don't think they should be the default... it's not the right mindset for the space, IMO....
-linda