Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

Insecurity | 34 comments | Create New Account
Click here to return to the 'Insecurity' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Authored by: TruePath on Feb 02, '10 03:32:46PM

That attitude probably creates more security holes than all technical errors put together.

Security is not an absolute matter, nor does it have the same requirements everywhere. Insisting on following rigid little rules like this creates annoyances and inconviences that people then respond to by circumventing the security mechanism entierly, e.g., telling anyone who sits down at the machine their password so they can run secure processes, chowing all the files to their own user, etc..

For instance on my laptop I add myself to the wheel group and let the wheel group use sudo without a password. Would I do this on a corporate machine or webserver? No! But does that make it a security risk on my laptop? No. The point of security on my laptop is to protect my private documents and files. If they already have access to my user account the game is over.

[ Reply to This | # ]