Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Comment Re:About time... HFS+ is crap (Score 1) 159

Seriously don't use FreeNAS. It's crap, doesn't give you enough control over how stuff is configured, and has weird issues that vanilla FreeBSD with ZFS doesn't have. Use vanilla FreeBSD if you don't need directory service integration. If you need directory service integration, use CentOS 7 and ZFS on Linux.

Comment Re:Secure by name (Score 3, Interesting) 98

I know what sudo does. I know about filesystem capabilities. I know about NFSv4 ACLs.

But look at e.g. passwd - it needs to be suid so it can update your password hash. It doesn't just get a token that gives it permission to update your password hash, it gets permission to do whatever the fuck it wants on your system. Then you have a whitelist of what it's supposed to be able to do in SELinux that should hopefully stop it from doing anything besides updating a password hash, but there's nothing to stop it updating the password hash for a user other than the one who ran it, or blowing away the password hashes entirely or something. Without SELinux, a bug in passwd has the potential to totally pwn your system, and with SELinux it a bug could still wreak havoc with the password hash database.

By comparison, on Windows when you want to change your password, the program can get a security token that just gives it permission to change your password. It doesn't need to escalate all the way to root privileges, you don't need a separately maintained whitelist for what this program can do. A bug in a password change utility on Windows can at worst change your password to something stupid.

That's not to say that Windows is perfect, or that applications will always only request the rights they need (plenty of "enterprise" tools grab all the rights they can all the time because it's easier for developers), but fundamentally security tokens are a better model than the *NIX approach of suid and hope it doesn't have an exploitable bug.

Comment Re:Secure by name (Score 3, Interesting) 98

Role-based administration and privilege separation. Linux still sucks in this area. With windows you get a security token that gives you permission to do just what you need, on Linux you need to suid yourself to root to do just about anything, which allows you to do absolutely everything. The massive whitelist that is selinux is a backwards way of implementing security.

Comment Re:Law mandated technology (Score 2) 269

If you could take an ancient Athenian and bring them to the present, they wouldn't recognise our "democracy" as being the same thing as theirs at all. They restricted the vote to males over the age of 30 with military service (no concept of universal suffrage), they had direct democracy (not election of representatives), and they also had ostracism as a disincentive for abuse of power. It's also worth pointing out that ancient Athens was far more stable under tyranny than democracy.

Comment Re: Chinese crapware (Score 1) 55

China doesn't have a uniform national business register like e.g. Australia has. The rules for registering a business don't just vary by state or city, but down to the locality within a city. The more prestigious locations often have stricter regulation and more stringent reporting requirements, but (partly as a side effect of this) make it easier to raise capital. Often the company doesn't really have an office there - a number of companies will pool together to rent a small office with one dude sitting at a desk doing very little and use it as their registered business address.

Comment Re: Bullshit. (Score 2) 151

I didn't suggest legalising child prostitution, I suggested legalising and regulating prostitution. This makes it safer for the sex workers and their clients. One pretty universal regulation in places with legalised prostitution requires providers and clients to be no younger than 18. If you have safe, legal prostitution, there's less incentive for people to take their business to sex traffickers.

Slashdot Top Deals

"The vast majority of successful major crimes against property are perpetrated by individuals abusing positions of trust." -- Lawrence Dalzell

Working...