[1977] in linux-security and linux-alert archive


[linux-security] Re: RedHat 5.X Security Book

daemon@ATHENA.MIT.EDU (Jon Lewis)
Sun Jul 12 17:58:51 1998

Date: Sun, 12 Jul 1998 15:35:42 -0400 (EDT)
From: Jon Lewis <jlewis@inorganic5.fdt.net>
To: twiztah <twiztah@ANARCHY.MAXHO.COM>
cc: Kent Crispin <kent@songbird.com>, linux-security@redhat.com
In-Reply-To: <Pine.LNX.3.96.980712040802.6090A-100000@ANARCHY.MAXHO.COM>
Resent-From: linux-security@redhat.com
Resent-Reply-To: linux-security@redhat.com

On Sun, 12 Jul 1998, twiztah wrote:

> >"99% secure" is an almost completely meaningless statement, in any
> >case. 
> 
> There are fully functional systems which are 100% secure to the publicly
> _KNOWN_ bugs. Not every admin sits on his chair at work and eats donuts,
> while little script monkeys are rooting his machine.

This still doesn't mean much.  Should I feel better with the knowledge
that when one of my systems was hacked several months ago, it was hacked
using a previously unpublished hole?  Well...actually, I do feel a little
better, but it doesn't do me any good.  At least the hole (and exploit)
are publicly known now.

I still fully agree it's a good idea to make your system as secure as you
can, but the statement that any system is 100% secure against publicly
known bugs just doesn't mean much.  It means the average idiot who knows
how to use a web browser and reaches rootshell.com probably can't hack
you...but someone just a little higher up the food chain might not have
any trouble at all hacking you.

[mod: And always there is a window between the hole becoming public
and the administrator being able to react on that knowledge.... --REW]


------------------------------------------------------------------
 Jon Lewis <jlewis@fdt.net>  |  Spammers will be winnuked or 
 Network Administrator       |  drawn and quartered...whichever
 Florida Digital Turnpike    |  is more convenient.
______http://inorganic5.fdt.net/~jlewis/pgp for PGP public key____

-- 
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------

To unsubscribe:
  mail -s unsubscribe linux-security-request@redhat.com < /dev/null

