Bugtraq mailing list archives
Re: Operational Issues: Applications & Appliances (was: Buffer Overflow Survey Paper)
From: thegnome () NMRC ORG (Simple Nomad)
Date: Wed, 24 Nov 1999 12:38:35 -0600
On Wed, 24 Nov 1999, Scott Zimmerman wrote:
On Tue, 23 Nov 1999, Crispin Cowan wrote:I agree that configuration and operational issues are a hard problem
to solve.
In general, I don't know how to solve them. My (crass commercial)
solution is
that folks who don't really know what they're doing should buy
appliances
I firmly agree and I'm not even selling anything. <g> The problem here lies in that many work users have systems at home and see no difference between the complete control of their home machines and what they think should be their complete control of their work machines. I worked in a rather large computing facility earlier this year where we were using NetApp filers for central storage. Users vehemently resented the multi-GB quotas and complained by saying "I have a 20GB drive at home, why can't I have one here?" If appliances are put on the desktops instead of real standalone-capable machines, the appliance might be a sufficiently different animal that the users may not be as tempted to make comparisons to their home systems. (I'm speaking generally about PC folks here.)
Speaking of quotas, it is common for NT administrators to give end users full control over their home directory. Once this is done, the end user simply removes everyone but himself from having any rights to his home directory. Bingo, no quotas, as the quota manager doesn't have the rights to get into the directory. Depending on the settings and the qm installed, it may never be noticed. The bad side is that backups will miss this directory as well. Then you have users who might accidently delete important data and assume they can get it back. I have seen this in more than one shop that implemented quotas on NT by simply installing a magic software package, spent an hour configuring it, and assuming that it simply just works. One can imagine all the other "packages" that were simply "installed" and are therefore considered "impemented and doing their job". I would expect that exact same type of assumption for an appliance. The danger is in introducing an appliance to solve one problem (such as user "demand") will probably create others. In other words we are all gainfully employed forever ;-) Simple Nomad // thegnome () nmrc org // ....no rest for the Wicca'd.... www.nmrc.org //
Current thread:
- Re: local users can panic linux kernel (was: SuSE syslogd, (continued)
- Re: local users can panic linux kernel (was: SuSE syslogd Darren Reed (Nov 23)
- Re: local users can panic linux kernel (was: SuSE syslogd Savochkin Andrey Vladimirovich (Nov 24)
- Remote DoS Attack in WorldClient Server v2.0.0.0 Vulnerability Ussr Labs (Nov 24)
- Remote DoS Attack in BisonWare FTP Server V3.5 Vulnerability Ussr Labs (Nov 24)
- Re: local users can panic linux kernel (was: SuSE syslogd Darren Reed (Nov 24)
- [w00giving '99 #5 and w00news]: UnixWare 7's su Matt Conover (Nov 25)
- Buffer Overflow Survey Paper Crispin Cowan (Nov 22)
- Operational Issues: Applications & Appliances (was: Buffer Overflow Survey Paper) Crispin Cowan (Nov 23)
- [ COBALT ] Security Advisory - Sendmail Jeff Bilicki (Nov 24)
- Re: Operational Issues: Applications & Appliances (was: Buffer Overflow Survey Paper) Scott Zimmerman (Nov 24)
- Re: Operational Issues: Applications & Appliances (was: Buffer Overflow Survey Paper) Simple Nomad (Nov 24)
- Netscape communicator 4.x Javascript security flaw Ahmed Ghandour (Nov 24)
- Re: Netscape communicator 4.x Javascript security flaw Metal Hurlant (Nov 26)
- Re: Netscape communicator 4.x Javascript security flaw Ahmed Ghandour (Nov 26)
- Windows NT 4.0 Service Pack 6A Breaks IP Forwarding Brendan Howes (Nov 25)
- Oracle Web Listener Mnemonix (Nov 25)
- [w00giving '99 #6]: UnixWare 7's Xsco Matt Conover (Nov 25)
- Re: Operational Issues: Applications & Appliances (was: Buffer Overflow Survey Paper) Mark Seiden (Nov 24)
- Netscape Communicator 4.7 - Navigator Overflows Mike Boto (Nov 24)
- BindView Security Advisory: SSR Denial of Service BindView Security Advisory (Nov 24)
- Re: BindView Security Advisory: SSR Denial of Service Alan Cox (Nov 24)