[geeks] root equivalent user
Kurt Huhn
kurt at k-huhn.com
Fri Oct 25 08:32:31 CDT 2002
On Fri, 25 Oct 2002 01:18:42 -0400 (EDT)
woods at weird.com (Greg A. Woods) wrote:
<security procedure/policy snipped>
>
> Just as Mike said, you can't have absolute security. But then security
> isn't a state that you reach, or even really a level that you can
> balance with a risk assessment -- it's a state of mind and a way of
> doing things.
>
See, that's what you should have done the first time - instead of telling
someone that what they use is stupid, or the procedure wrong, or the policy
flawed. Contribute to the discussion, man. Until you offer *constructive*
critisism and helpful suggestions, you'll simply be labeled as a self
rightous and arrogant bastard.
Also, keep in mind that your method is not the appropriate one for all
situations. Keep an open mind. For instance, for a company of less than a
certain size, the method you describe above is extremely time consuming for
little benefit. In cases such as this, "good enough" is usally good enough.
--
Kurt
kurt at k-huhn.com
More information about the geeks
mailing list