Mailinglist Archive: opensuse-security (555 mails)
| < Previous | Next > |
Re: [suse-security] Kernel security
- From: Martin Peikert <news-list.suse.security@xxxxxxxxxxxxx>
- Date: 9 May 2001 10:57:14 GMT
- Message-id: <news2mail-9db7qa$jjh$7@xxxxxxxxxxxxxxxxxxxxxx>
Roman Drahtmueller <draht@xxxxxxx> wrote:
---snip---
> It's as with cars: In the beginning, everybody must have been able to take
> apart the engine to repair it. Later, when technique became too complex on
> the one side and when people who didn't know anything about engines could
> drive, mechanics took over that part. A few years back everybody compiled
> her own kernel, and today it is expected that the mechanics solve that
> problem. And I fully agree with that.
---snip---
For the people that use linux at home, I agree completely. But for a
system administrator in, for example, an university, where many
people have an account on the system, I do not and do not even want
to.
My belief is that those still need to be able to fix major security
flaws by patching and compiling the faulty software if there is a
root exploit out in the wild.
So what the hell is it we are going to? Incompetence as normality?
I still think that anyone that wants to administrate (not the home
users, because users do not neccessarily need to have that knowlwdge
that administrators of a more complex system - that many people are
using - should have) a system has to have some competence about what
she is doing.
Martin
P.S.: I like your car example. If you want to drive a car, you need
a driving license ;-)
--
martin.peikert@xxxxxxxxxxxxxx innominate AG
project manager the linux architects
dipl. math. http://www.innominate.com
tel: +49-30-308806-0 fax: -77 gpg: http://innominate.org/gpg/mpe.gpg
---snip---
> It's as with cars: In the beginning, everybody must have been able to take
> apart the engine to repair it. Later, when technique became too complex on
> the one side and when people who didn't know anything about engines could
> drive, mechanics took over that part. A few years back everybody compiled
> her own kernel, and today it is expected that the mechanics solve that
> problem. And I fully agree with that.
---snip---
For the people that use linux at home, I agree completely. But for a
system administrator in, for example, an university, where many
people have an account on the system, I do not and do not even want
to.
My belief is that those still need to be able to fix major security
flaws by patching and compiling the faulty software if there is a
root exploit out in the wild.
So what the hell is it we are going to? Incompetence as normality?
I still think that anyone that wants to administrate (not the home
users, because users do not neccessarily need to have that knowlwdge
that administrators of a more complex system - that many people are
using - should have) a system has to have some competence about what
she is doing.
Martin
P.S.: I like your car example. If you want to drive a car, you need
a driving license ;-)
--
martin.peikert@xxxxxxxxxxxxxx innominate AG
project manager the linux architects
dipl. math. http://www.innominate.com
tel: +49-30-308806-0 fax: -77 gpg: http://innominate.org/gpg/mpe.gpg
| < Previous | Next > |