Mailinglist Archive: opensuse-factory (602 mails)

[opensuse-factory] Re: [PLEASE SPEAK UP] Disabling legacy file systems by default?
  • From: Jim Henderson <hendersj@xxxxxxxxx>
  • Date: Mon, 11 Feb 2019 20:02:58 -0000 (UTC)
  • Message-id: <q3skdh$3od0$1@blaine.gmane.org>
On Mon, 11 Feb 2019 20:42:09 +0100, Jan Engelhardt wrote:

On Monday 2019-02-11 20:25, Jim Henderson wrote:
Maybe we should ship with Xorg permissions open to the world. Because
if I'm running an application remotely from another system, having to
type 'xhost +' or to enable permissions is "too hard".

Tech note:

Most people should be running an SSO-style solution. ssh, su, etc.
forward appropriate key material through environment variables and the
like just by logging in, making the use of xhost wholly unnecessary.

Too inconvenient, according to some. After all, if you're using ssh
with public keys

ssh does not hard-require keypairs.

Well, yeah, then you have to use a password. That's too difficult and
inconvenient.

(still being sarcastic here)

My point is that the mindset being exhibited here is "let's sacrifice
security for ease-of-use", and that is an unhelpful mindset. Don't
blacklist these filesystem modules because it's too inconvenient for a
minority of users, and we can't inconvenience a minority of users to
improve security for everyone.

So let's just dump all the security features that inconvenience some
small portion of our userbase, because that's the path *some* people want
to take here. Security requires that people learn a few things, and some
people think "we can't have that".

So let's use "insecure by design" as our default security stance. That's
the only way to maximize convenience for everyone. Liam says people are
too stupid to figure something like this out, and that it's better to
cater to their stupidity rather than to expect more from our users. So
let's take that to its logical (and absurd) extreme and see how that
plays out.

Just to be clear, I'm not actually advocating for this. I want my
systems secure by design, and if someone wants to load something that
potentially compromises their system, then they can do the research on
how to enable those features.

Jim
--
Jim Henderson
Please keep on-topic replies on the list so everyone benefits
