[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: lynx-dev Re: who owns what
From: |
Philip Webb |
Subject: |
Re: lynx-dev Re: who owns what |
Date: |
Sat, 10 Oct 1998 09:22:44 -0400 (EDT) |
981009 Bela Lubkin wrote:
> Philip Webb wrote:
>> that's exactly what i gave: number links, goto the Archive HTML version
>> & look at Sep [445 662 769] & Aug [11]: TD LP & Mike Castle are authors.
>> they explicitly refer to ANONYMOUS use as the problem.
> Those aren't URLs. I have neither a bookmark
> nor a mental reference to "the Archive HTML version".
you know perfectly well that the Archive is at www.flora.org/lynx-dev/
& that the 1st screen there gives you a choice of HTML/e-mail formats.
> And I'm not particularly interested in looking at those messages,
> which, if they say what you claim, are simply wrong.
the Pope's representatives refused to look thro' Galileo's telescope.
> There are many inherently unsafe operations in Unix
> (as in any operating system); one must program with care.
> If you are concerned about security, all software must be audited.
> There are groups of people doing this for various software.
this starts to sound like people in the police, national-security,
drug-enforcement & surveillance/lock industries:
"You can't be too careful: we need more tax $$, buy our product".
there are certainly problems associated with crime, spying & drugs,
but they are all too easily exaggerated
& remedies offered are all too often worse than the disease.
you have said nothing specific to convince me
that a well-managed UNIX system has security problems,
except possibly with /tmp , where the analogy would be blood-transfusion.
making hasty & badly thought-out programming changes
in reponse to security alerts which may or may not be serious
DOES lead to the kind of problem which arose for me last week.
>> that sysadmins who know what they are doing still can't prevent it?
>> that anyone can set up a symlink to a file they don't own?
> It is the nature of symlinks. For instance, you can create a symlink
> to a file that does not (yet) exist. Symlinks to not-yet-created files
> have several important uses. So do symlinks to not-owned files.
> Removing those abilities would be both difficult and damaging
> to the normal operation of the system.
i've never needed to create a symlink,
tho' i can see why the sysadmin has one for /homes .
can you back up your general assertions with real examples?
--
========================,,============================================
SUPPORT ___________//___, Philip Webb : address@hidden
ELECTRIC /] [] [] [] [] []| Centre for Urban & Community Studies
TRANSIT `-O----------O---' University of Toronto
Re: lynx-dev Re: who owns what, David Combs, 1998/10/10
Re: lynx-dev Re: who owns what, Bela Lubkin, 1998/10/11
Re: lynx-dev Re: who owns what, Bela Lubkin, 1998/10/11
Re: lynx-dev Re: who owns what, dickey, 1998/10/11
Re: lynx-dev Re: who owns what, dickey, 1998/10/11
Re: lynx-dev Re: who owns what, Bela Lubkin, 1998/10/11