Date: Thu, 8 Nov 2001 09:19:55 +0100
From: "Anthony Atkielski" <anthony@atkielski.com>
To: "Andrew C. Hornback" <achornback@worldnet.att.net>, "FreeBSD Questions" <freebsd-questions@FreeBSD.ORG>
Subject: Re: Lockdown of FreeBSD machine directly on Net
Message-ID: <003901c1682e$26a0a0d0$0a00000a@atkielski.com>
References: <00e201c167d4$474ad9e0$6600000a@columbia>

Andrew writes:

> > b) Calling the sysadmin and pretending to be his
> > boss and convince him to open a hole.
>
> Most organizations require something like that in
> writing, or at least as part of a face to face
> conversation. That negates this loophole.

I've never encountered an organization that has a policy like that, but my personal policy is along those lines. If any manager wants me to compromise system security, he needs to put it in writing. This not only protects the organization from hanky-panky, but it protects me and the organization from lawsuits (albeit not prosecution, in most cases).

> If a secretary does this, they need to be fired,
> period.

In some organizations (many, in fact), she might be fired for _not_ doing it, as few people understand the risk to security that doing something like this represents, and they would interpret her refusal as a lack of team spirit or cooperation or some such.

> Wouldn't work under a "Trusted" system, you'd
> have to bribe, torture or blackmail three people.

Not outside the realm of possibility, but it is true that collusion between two or more people is _far_ less common (and much less stable) than dishonesty in a single individual.