Date:      Mon, 19 Feb 2001 21:52:45 -0500 (EST)
From:      Chris BeHanna <behanna@zbzoom.net>
To:        <questions@freebsd.org>
Subject:   Re: perl
Message-ID:  <Pine.BSF.4.32.0102192147330.92687-100000@topperwein.dyndns.org>
In-Reply-To: <3A76E225.A40C8A3@eCoNeed.com>

On Tue, 30 Jan 2001, Pater Pandoson wrote:

> Cliff Sarginson wrote:
>
> Who says that users have access to a partition capable of executing
> binaries?
> And if there is a "security cop-out" I will gladly take it.

<rant>
    Both of these measures are, IMHO, security policies promulgated by
someone who doesn't know very much about security.  Yes, you'll
prevent someone from doing something malicious (with Perl), but you'll
also have a *far* less useful system than you otherwise would have.

    Your ill-informed hack won't stop someone from doing, e.g.,

    /bin/sh my_malicious_shell_script

with which they could do not one more bit of damage than they could with
Perl.

    With your boogey-man approach to security, you're going to have to
chmod/chgrp *far* more than just Perl to prevent your users from
running their own scripts or from accessing the system in potentially
exploitable ways.
</rant>

-- 
Chris BeHanna
Software Engineer                   (Remove "bogus" before responding.)
behanna@bogus.zbzoom.net
I was raised by a pack of wild corn dogs.
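
The point made in the message above, as an added example that is not part of the original e-mail: a script with no execute bit still runs when it is handed to an interpreter as an argument, and an audit of world-executable interpreters shows how much more than Perl a chmod/chgrp policy would have to cover. The interpreter name list, the directories scanned and the temporary file names are assumptions made for this illustration.

```shell
#!/bin/sh
# Added illustration; file names and the interpreter list are constructed assumptions.

# Succeeds only if the file can be executed directly (needs an execute bit).
runs_directly() {
    "$1" >/dev/null 2>&1
}

# Succeeds if the file runs when passed to an interpreter as an argument;
# only read permission on the file is required.
runs_via_interpreter() {
    /bin/sh "$1" >/dev/null 2>&1
}

# Print every candidate interpreter in the given directories that "other"
# users may execute.
world_exec_interpreters() {
    for dir in "$@"; do
        for name in sh bash csh tcsh ksh zsh perl python python3 ruby awk tclsh; do
            f="$dir/$name"
            [ -f "$f" ] || continue
            # 10th character of the ls -l mode string is the other-execute bit.
            bit=$(ls -ldL "$f" | cut -c10)
            case "$bit" in
                x|t) echo "$f" ;;
            esac
        done
    done
}

demo() {
    tmp=$(mktemp -d) || return 1
    printf 'echo "script ran"\n' > "$tmp/user_script"   # harmless constructed script
    chmod 644 "$tmp/user_script"                        # readable, not executable
    if runs_directly "$tmp/user_script"; then echo "direct: runs"; else echo "direct: blocked"; fi
    if runs_via_interpreter "$tmp/user_script"; then echo "via /bin/sh: runs"; else echo "via /bin/sh: blocked"; fi
    echo "world-executable interpreters:"
    world_exec_interpreters /bin /usr/bin /usr/local/bin
    rm -rf "$tmp"
}

demo
```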