[67] in WWW Security List Archive
Re: GSS API (as a DLL)...
daemon@ATHENA.MIT.EDU (Fisher Mark)
Thu Aug 18 08:41:37 1994
Reply-To: tcemail!FisherM@is3.indy.tce.com
Date: Thu, 18 Aug 94 04:47:00 PDT
From: Fisher Mark <tcemail!is3.indy.tce.com!FisherM@uunet.uu.net>
To: www-security <uunet!nsmx.rutgers.edu!www-security@tcemail.indy.tce.com>
John Ludeman writes in <9408172232.AA17736@netmail2.microsoft.com>:
>| From: "Alec H. Peterson" <chuckie@panix.com>
>| Date: Wednesday, August 17, 1994 4:46PM
>|
>| Ramin Firoozye writes:
>| [...]
>| >
>| >The BIG problem specific to security DLL's is that someone bent on
breaking
>| >security can write a "wrapper" DLL around a security DLL, store all the
>| >stuff it gets from the caller, pass on the result onto the actual DLL
and
>| >store away the replies as well before passing the reply back up to the
>| >caller. In other words, it becomes much easier to implement a "spoof the
>| >login" type scheme.
>|
>| This is one of the reasons why most (if not all) applications that deal
with
>| secure data (like /bin/login and /bin/su) should be statically linked.
>
>No, this is not a valid reason. The above argument implies there is no
>security. If a sysadmin doesn't want this to happen, they must take the
>appropriate security percautions. If they do not, then *nothing* in
>the system is secure and any program the system might run can do bad
>things. This again gets into site security issues which is beyond the
>topic of this alias.
My 0.02$US before we drop this...
Just as you must be able to walk before you can run, you must have security
on the basic system features before you address "www-security". If any user
can mount any kind of attack against another user, the system is compromised
such that WWW security features may be irrelevant. No user should be able
modify any executables or paths to executables except for their own private
programs.
I am not saying that this is necessarily easy or convenient -- just that
this is what must be done before you can expect that your WWW security
measures will be effective.
======================================================================
Mark Fisher Thomson Consumer Electronics
fisherm@tcemail.indy.tce.com Indianapolis, IN
"Just as you should not underestimate the bandwidth of a station wagon
traveling 65 mph filled with 8mm tapes, you should not overestimate
the bandwidth of FTP by mail."
