[1720] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

[linux-security] Re: tmp files problem

daemon@ATHENA.MIT.EDU (Joseph S D Yao)
Sat Mar 14 09:43:09 1998

From: Joseph S D Yao <jsdy@gwyn.tux.org>
To: linux-security@redhat.com
Date: Fri, 13 Mar 1998 17:25:14 -0500 (EST)
In-Reply-To: <19980312172918.25189.qmail@mail2.redhat.com> from "Jean Ortolo" at Mar 12, 98 05:29:18 pm
Reply-To: jsdy@tux.org
Resent-From: linux-security@redhat.com

>   For my own, I do think that application being built by
> bad security-conscious programmer, will always fail, no matter
> which tools you give to him for security purpose.

This is a good point: much like the idea that you can write bad programs
in ANY language, even [insert your current favourite here].

In another guise, when I volunteer on an ambulance, personal safety is
controlled by training to cause changes in personal behavior [much like
the security changes required for the coder], as well as by physical
environmental controls to make the "default" actions safer.  The latter,
like the proposals being made to change /tmp, are considered more
reliable precisely because people can always ignore their training.

Joe Yao				jsdy@tux.org - Joseph S. D. Yao

-- 
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------

To unsubscribe: mail -s unsubscribe test-list-request@redhat.com < /dev/null


home help back first fref pref prev next nref lref last post