I always do electrical work with the power on. Of course, I turn the power off first. And then I work as if I still had the power on. Cuz ya never know, it might be on.
-russ
I'm too busy making money selling Linux to big companies to rebut your claims. Sorry.
-russ
Does anyone want to do that? Are ACL's more or less easy to implement? Is their correct operation more or less easy to audit?
Just because the feature list allows more flexibility, you also have to consider the difficulty of implementation. Just because you can split up security more finely, it's no help if one of the splits creates a security hole.
-russ
No, you can't. If the machine serves those ports, they've already been bound by the program that serves them.
And in any case, instead of requiring uid==0, they could be limited to uid<100. That still gives the sysadmin control over who opens the ports, but it keeps root the hell off network-accessible ports.
-russ
No, I'm not joking. Why does the lpr system have to run as root?? Because the lpr port is <1024. That's the ONLY reason. /dev/lpr* can be owned by a user "lpr". Why does bind have to run as root?? Because its port is <1024. Why does sendmail have to run as root? Because its port is <1024 (yes, it has to deliver mail to users' mailboxes, but that could be done by a separate program which sendmail communicates with).
In short, most of the root exploits have occurred NOT because of any need to be root, but simply because of the <1024 restriction.
-russ
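A defender's check for the condition these comments describe, as an added example that is not part of the original posts: it parses Linux `/proc/net/tcp` output and lists the listening sockets on ports below 1024 that are owned by uid 0. The sample table is constructed and the function names are hypothetical.

```python
# Added example: audit listeners on privileged ports (<1024) owned by root.
# Constructed sample in /proc/net/tcp layout (IPv4 only; tcp6 is not covered).
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0019 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 10001 1
   1: 00000000:0203 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 10002 1
   2: 0100007F:0035 00000000:0000 0A 00000000:00000000 00:00000000 00000000   101        0 10003 1
   3: 00000000:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 10004 1
   4: 0A00000A:0016 0A000014:C350 01 00000000:00000000 00:00000000 00000000     0        0 10005 1
"""

TCP_LISTEN = 0x0A        # kernel state code for a listening socket
PRIVILEGED_LIMIT = 1024  # ports below this need root (or CAP_NET_BIND_SERVICE) to bind


def parse_listeners(text):
    """Yield (port, uid) for every row in LISTEN state; skip malformed rows."""
    for line in text.splitlines()[1:]:          # first line is the header
        fields = line.split()
        if len(fields) < 10:
            continue
        try:
            port = int(fields[1].rsplit(":", 1)[1], 16)   # local_address is HEXIP:HEXPORT
            state = int(fields[3], 16)
            uid = int(fields[7])                          # owner of the socket
        except (ValueError, IndexError):
            continue
        if state == TCP_LISTEN:
            yield port, uid


def privileged_listeners(text):
    """Map each listening port below 1024 to the uid that owns its socket."""
    return {p: u for p, u in parse_listeners(text) if p < PRIVILEGED_LIMIT}


def root_owned_privileged(text):
    """Sorted list of privileged listening ports whose socket is owned by uid 0."""
    return sorted(p for p, u in privileged_listeners(text).items() if u == 0)


if __name__ == "__main__":
    try:
        with open("/proc/net/tcp") as fh:
            table = fh.read()
    except OSError:
        table = SAMPLE_PROC_NET_TCP     # fall back to the constructed sample
    print("root-owned listeners below 1024:", root_owned_privileged(table))
```

The uid column reports the owner of the socket, which is not necessarily the uid the daemon currently runs as, so a hit is a prompt to check the process rather than proof that it still holds root.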
I'm surprised that people haven't suggested that there has been a number of living-donor brain transplants, going on in secret. You've met the donors, of course. They can't be allowed out in public, but in order to give them some human contact, they let the donors post to Slashdot.
-russ
Sorry, I'm not going to try to convince you. You can simulate ACL's through users/groups/ownership/permissions just fine. The only other thing I'd do is remove the root restriction on ports <1024. On many Linux machines, root is no smarter than the other user of the machine. Ports <1024 are no more secure on these machines.
-russ
Third-party qmail support is available from many vendors, not just inter7.
-russ
There are many problems with election fraud that we don't see because we've developed voting methods that work to counteract them. These methods don't work with online voting. Do you really want to take the risk of huge amounts of voting fraud? I don't.
-russ
Waterworld was fine, except that section in the middle where all they did was sail the boat and look at each other. For an action movie, it was bad drama. For a dramatic movie, it was bad action.
-russ
Too bad Rob didn't name you guys "Yet Another Moron" instead of "Anonymous Coward". It would be a lot more accurate.
-russ
p.s. linux has seats; *bsd has flames.
I thought moderators were supposed to save us from idiots. What do we do when the moderators are themselves idiots?? How can this question be off-topic when it directly addresses something in the linked story?? Ahhh, I get it now: idiot moderator.
-russ
If they're worried about selling the remaining i-openers in stock, why not make them into Linux boxen and sell them via a slashdot advert??
-russ
This device is patented already.
-russ
MUCH, thanks. Us old folks need black text on a white background. The worst is blue or green on a black background! Designed for unreadability.
-russ
So are the Palestinians going to car bomb this new Jerusalem?
-russ
First of all, I've set up Potsdam State so all their client IP addresses come out of a bootp/dhcp server using static assignment. So their cost to switch to a completely different network is trivial. Change a few servers, edit /etc/bootptab, done. If your site doesn't do this, then it's poorly managed.
I can't say how many addresses your site needs. All I can say, as an economist, is that an IP address should have a price. If the price is worth paying, you'll pay it, and you'll have the addresses you need. Or if you have too many addresses, it makes sense to sell some of them. And if the price of an IPv4 address becomes high enough, it will justify a switch to IPv6.
Isn't it amazing how well a free market works? Instead of having to have endless discussions, and wailing and gnashing of teeth about routing tables and switching to IPv6, you just turn IP addresses into private property and let the market work it all out.
-russ
Can someone translate this posting into English for me?
-russ
I don't see how this is different from IP-IP encapsulation.
As for addressing the cost of renumbering, we should recognize that IP addresses have become a scarce (in the economic sense of the word) resource, and should be now priced. Given a cost for holding onto an IP address, people will figure out how to relinquish the ones they're not using.
-russ
Students are allowed to run servers from their dorm rooms (just not kiddie porn servers, hehe). 8K addresses would work just fine for them. That's 1/8th the numbers they currently have.
-russ
No, we don't need IPv6. That's why it hasn't been implemented yet. We can get along with IPv4 just fine by aggregating routes. But before we can do that, we need to scavenge IP addresses.
Yes, the decision to allocate all those class B's was reasonable at the time. It's not reasonable now, and those IP addresses are needed.
-russ
This is not a serious problem. What is a serious problem is all the sites that were allocated 2^16 (many colleges) or 2^24 (HP, Stanford, Interop, e.g.) addresses back when there seemed to be an infinite supply. For example, Potsdam State University has a class B. They only have 500 staff and 3000 students. What are they doing with 65,534 addresses??
-russ
You'll just see more route aggregation. Why is this particularly a problem? Renumbering isn't that hard.
-russ
I agree about the "power" thing. A libertarian society distributes power better than any other, though. So while it does not and cannot eliminate abuses of power, at least it reduces their scope.
-russ
It is, and that's perfectly fine in a positive-sum game like a market. It's positively evil in a zero-sum game like a government.
-russ