[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [SAGE] Security tokens

To: sage-members@usenix.org
Subject: Re: [SAGE] Security tokens
From: Dave Close <dave@compata.com>
Date: Mon, 20 Jan 2003 17:17:26 -0800
In-reply-to: Your message of "Mon, 20 Jan 2003 16:39:53 PST." <41730000.1043109593@jxh.mirapoint.com>
Sender: owner-sage-members@usenix.org

Jim Hickstein wrote:
>And yes, certain things (like "sudo /bin/sh") are considered <i>prima 
>facie</i> acts of wrongdoing, meaning that I can convince HR to take steps.

Why? If that function works, it must be because you allowed it. If you
didn't, it shouldn't do anything besides produce an error message. It
may be stretching things, but the attempt could have been a typo.

Personally, I've been in situations where I didn't know if something
was permitted, and the only easy way to find out was to try it. Then,
when it doesn't work, I can let the powers-that-be know the adverse
impact on my job performance. If it does work for me, and I suspect it
really shouldn't, I can also report that.
-- 
       Dave Close, Compata, Costa Mesa CA       +1 714 434 7359   
       dave@compata.com              dhclose@alumni.caltech.edu         
   "The world will little note nor long remember what we say here."
                   -- Abraham Lincoln, Gettysburg, 1863

Follow-Ups:
- Re: [SAGE] Security tokens
  - From: Jim Hickstein <jxh@jxh.com>
- Re: [SAGE] Security tokens
  - From: Ted Cabeen <secabeen@pobox.com>

References:
- Re: [SAGE] Security tokens
  - From: Jim Hickstein <jxh@jxh.com>

Prev by Date: Re: [SAGE] Security tokens
Next by Date: Re: [SAGE] Security tokens
Prev by thread: Re: [SAGE] Security tokens
Next by thread: Re: [SAGE] Security tokens
Index(es):
- Date
- Thread