Date: Thu, 8 Feb 2001 06:42:05 +0200 (EET)
From: Giorgos Keramidas <charon@westgate.gr>
To: David Schwartz <davids@webmaster.com>
Cc: Paul Richards <paul@originative.co.uk>, chat@FreeBSD.ORG
Subject: RE: Laugh: [Fwd: Microsoft Security Bulletin MS01-008]
Message-ID: <Pine.BSF.4.21.0102080638490.2673-100000@gray.westgate.gr>
In-Reply-To: <NCBBLIEPOCNJOAEKBEAKGENJNIAA.davids@webmaster.com>
On Wed, 7 Feb 2001, David Schwartz wrote:

> > > > - Servers could only be affected if the attacker were given the
> > > ability to load a program of her choice onto the machine and
> > > execute it locally. Best practices recommend against this.
> >
> > You've gotta laugh really, a root compromise exists and the mitigating
> > controls are to not let anyone use the box!
> >
> > Paul.
>
> In fairness to Microsoft, it is best practice not to let attackers access
> your box.

Yes, and in the rare case that an "attacker" is anyone who can log in
interactively on the system console, or upload and run executables on the
server, you should stop your users from "running" programs on the box.
Well, in that case, why not unplug the thing and bury it six feet under,
to prevent users from logging on to the system interactively.

Sorry, David, but you missed a point that was being made by Paul here :-)

According to the advisory, anyone who can log in interactively and execute
some program *is* a potential attacker. Kinda limiting to the things an
administrator can allow one's users to do, don't you think?

--giorgos