| From: | Silvana Di Martino <silvanadimartino(at)tin(dot)it> |
|---|---|
| To: | Lamar Owen <lowen(at)pari(dot)edu>, pgsql-admin(at)postgresql(dot)org |
| Subject: | Re: Database Encryption (now required by law in Italy) |
| Date: | 2004-03-07 08:56:13 |
| Message-ID: | 200403061721.10497.silvanadimartino@tin.it |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
Alle 13:55, sabato 6 marzo 2004, Lamar Owen ha scritto:
> On Friday 05 March 2004 03:34 pm, scott.marlowe wrote:
> > Sorry, but that's the wrong answer. Once someone has root on a unix box
> > her can do ANYTHING he wants. and he can cover his tracks.
>
> This is what things like the capabilities system and SELinux are designed
> to prevent in the Linux world. As Fedora Core 2 will ship with SELinux
> installed and enabled, it will become much more difficult for someone to
> randomly get root and do damage. It is quite simple with SELinux to
> prevent any of the attacks you mentioned. Root is no longer root. Things
> on an SELinux system, or a system fully implementing the kernel
> capabilities model, can indeed be locked away from root, at least in
> network attached multiuser mode. This does, of course, make maintenance of
> the data more difficult; one must be at the console in a special mode to do
> full maintenance. But someone remotely cracking root no longer is the
> threat they once were, when some system like SELinux is in use.
A better, more structured architecture of permissions on Unix is a
long-standing need. It looks like SELinux is offering a new and interesting
approach to this problem.
Regarding this topic I have a dream: the hyerarchical permission architecture
of OS/400 (and many other IBM OSs for mainframe) ported to Linux. Just imagine
this: you have a omnipotent "root" who can access the machine from the
console only, a whole set of powerful, configurable administrators who can
act from the net, each of them devoted to administer a specific part of the
OS or of the File System, and finally a crowd of simple users, with
configurable permissions. Nobody would have more power of what it actually
need for his job, not even the root.
Would not it be a better (safer and more manageable) world to live on?
-----------------------------------------
Alessandro Bottoni and Silvana Di Martino
alessandrobottoni(at)interfree(dot)it
silvanadimartino(at)tin(dot)it
| From | Date | Subject | |
|---|---|---|---|
| Next Message | ViKiNGi | 2004-03-07 10:04:55 | Cygwin - PostgreSQL question! need help quick! |
| Previous Message | Silvana Di Martino | 2004-03-07 08:54:07 | Re: How to do fast, reliable backups? |