[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: More PATH fallout. Who decided this was a good idea?



Jesse Keating píše v Ne 07. 12. 2008 v 15:05 -0800:
> On Mon, 2008-12-08 at 10:03 +1100, Andrew Bartlett wrote:
> > 
> > Perhaps I'm a bit slow this morning, but vipw is forbidden but
> > vi /etc/passwd isn't?
> 
> I think he means "forbidden by policy" in which using anything /but/ the
> audit-able tools is "forbidden by policy".  If you're expecting
> everybody to follow policy, why not just set policy that says "don't
> hack this box".  That'll work right?
Violations of "don't hack this box" don't generate audit messages that
can be manually examined for actual intrusions.  Violations of "don't
access /etc/shadow manually" do.
	Mirek


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]