On Sun, 26 May 1996, Dan Stromberg wrote:
> 5) It makes vastly more sense for sun (or or any other OS development
> team) to spend time on new features, instead of fixing "problems" where
> priviledged users "can" crash their own machines (/oh boy! I get to
> crash a machine I'm responsible for!/). Consider:
>
> dd if=/dev/zero of=/dev/dsk/c0t3d0s1.
- There are systems where you could do an analog of this all day long and
never crash. (Anything based on 4.4BSD shouldn't let you, for example.)
- It is clearly wrong, especially given the potential impact, to work
around the problem in a manner that only delays the inevitable.
> [...] it is more helpful if one also maintains a sense of where these
> bugs fit into the overall picture, which is: setting up operating
> systems that allow users to get things done.
I think it's obvious that if an intruder can find a way to chmod +r
/dev/openprom (or chown it to their uid), the system will potentially not
allow anyone to get anything done. Far better to remove the back door
than to board it up, figuratively speaking.
--scott
Received on Jun 01 1996
Intro
