Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 03 Feb 1998 22:20:52 +0000
From:      Colman Reilly <careilly@monoid.cs.tcd.ie>
To:        Richard Wackerbarth <rkw@dataplex.net>
Cc:        config@FreeBSD.ORG
Subject:   Re: WebAdmin 
Message-ID:  <199802032220.WAA16835@monoid.cs.tcd.ie>
In-Reply-To: Message from Richard Wackerbarth  dated today at 10:45.
next in thread | raw e-mail | index | archive | help 

     At 9:42 AM -0600 2/3/98, Colman Reilly wrote:
     >     the databases useable and stable.
     >Sure. Now remember we have to assume that people will be attempting to
     >exploit the admin system as a security hole. We can't trust any state com
     ing
     >from a HTTP connection.
     
     >Look at Mike Smiths juliet stuff. Look at my thoughts on Portia/security
     >stuff.
     
     My only objection to his design is that it is a little too specific.
     I think that ALL the "back end" modules should appear monolithic and
     recursively defined. For example, although the password file is organized
     as a list of records each having fixed entries, it can be modeled as
     a two level tree. The top level entries are tagged by the <user> name.
     Within each of those nodes there are entries tagged by <uid>, <gid>,
     <Full User Name>, <shell>, etc.
That's an objection to his implementation, not his design.  It depends on
the maturity of the sub-system really. For password I agree, but for some 
faster moving targets the more "black-box" approach might be better. In an
ideal world you're right.

     >Look at the mail archives on this topic.
     
     Which archives? I cannot find one for "config".
Most of the stuff has actually been discussed on hackers as far as I
can see. :-)
     
     >I'd really like to see people cooperating on this with a well thought out
     >structure rather than see three sets of people head out into space.
     
     Me, too.
     
     But doesn't that break the "FreeBSD model" of "implement before you
     discuss the design?" :-)
Oh. I'm sorry. I'm doing research in formal methods and mathematical modeling
of software. I get carried away with this design business occasionally.

Colman

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199802032220.WAA16835>