RE: Understanding MoreSecurity and MoreAuthSample
RE: Understanding MoreSecurity and MoreAuthSample
- Subject: RE: Understanding MoreSecurity and MoreAuthSample
- From: "Duane Murphy" <email@hidden>
- Date: Thu, 11 Sep 2003 11:23:58 -0700
--- At Thu, 11 Sep 2003 12:04:16 -0600, Lance Drake wrote:
>
Hi Duane,
>
>
The new Arron Hillegass book, "Core Mac OSX And Unix Programming",
>
features (Chapter 18) a thorough discussion of the whole authentication
>
process and rationale. It's list price is about $100, but I consider
>
it an excellent reference, well worth the investment.
Thanks for the tip Lance. However, that simply is not going to happen.
One shouldnt need to spend $100 to find out why the security of the OS is
set up a particular way. Security should be open and complete.
I did see that what is implemented in MoreSecurity is a direct reflection
of the documentation for Authentication. However, even in that
documentation there the rational for tools authenticating themselves is
not security based.
The documentation shows how tools should be self-healing and do setuid-
root on themselves. We find this to be an incorrect methodology and
distracts from the focus of the tool to do it's own work. A secondary
tool should be responsible for dealing with setuid-root. There are
several advantages to this method.
Comments are quite welcome on this matter. I really dont want to break
the security of the system.
>
Best Regards,
Thanks,
...Duane
_______________________________________________
macnetworkprog mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/macnetworkprog
Do not post admin requests to the list. They will be ignored.