[12728] in bugtraq
Re: Operational Issues: Applications & Appliances (was: Buffer
daemon@ATHENA.MIT.EDU (Simple Nomad)
Fri Nov 26 01:40:12 1999
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.BSF.4.10.9911241215560.12575-100000@shell.fastlane.net>
Date: Wed, 24 Nov 1999 12:38:35 -0600
Reply-To: Simple Nomad <thegnome@NMRC.ORG>
From: Simple Nomad <thegnome@NMRC.ORG>
X-To: bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.LNX.3.96.991124062346.5097A-100000@earth.nexus.net>
On Wed, 24 Nov 1999, Scott Zimmerman wrote:
> On Tue, 23 Nov 1999, Crispin Cowan wrote:
>
> > I agree that configuration and operational issues are a hard problem
to solve.
> > In general, I don't know how to solve them. My (crass commercial)
solution is
> > that folks who don't really know what they're doing should buy
appliances
>
> I firmly agree and I'm not even selling anything. <g> The problem here
> lies in that many work users have systems at home and see no difference
> between the complete control of their home machines and what they think
> should be their complete control of their work machines. I worked in a
> rather large computing facility earlier this year where we were using
> NetApp filers for central storage. Users vehemently resented the multi-GB
> quotas and complained by saying "I have a 20GB drive at home, why can't I
> have one here?" If appliances are put on the desktops instead of real
> standalone-capable machines, the appliance might be a sufficiently
> different animal that the users may not be as tempted to make comparisons
> to their home systems. (I'm speaking generally about PC folks here.)
Speaking of quotas, it is common for NT administrators to give end users
full control over their home directory. Once this is done, the end user
simply removes everyone but himself from having any rights to his home
directory. Bingo, no quotas, as the quota manager doesn't have the rights
to get into the directory. Depending on the settings and the qm installed,
it may never be noticed. The bad side is that backups will miss this
directory as well. Then you have users who might accidently delete
important data and assume they can get it back.
I have seen this in more than one shop that implemented quotas on NT by
simply installing a magic software package, spent an hour configuring it,
and assuming that it simply just works. One can imagine all the other
"packages" that were simply "installed" and are therefore considered
"impemented and doing their job". I would expect that exact same type of
assumption for an appliance. The danger is in introducing an appliance to
solve one problem (such as user "demand") will probably create others.
In other words we are all gainfully employed forever ;-)
Simple Nomad //
thegnome@nmrc.org // ....no rest for the Wicca'd....
www.nmrc.org //