assault on linux by windows

[catch]

Different models are used for different aspects... you have access control models governing policy (DAC, DBAC, MAC, RBAC, etc), models (Bell-LaPadula, Biba, etc), and mechanisms. (*-property, least privilege, etc)

Rather than reinventing the wheel, here is a document that covers pretty much everything with access controls that starts at a non-expert level but will give you a greater knowledge of access controls that damn near anyone you will come across.

In short RBAC is used to define access controls by required tasks, typically utilizing least privilege and need to know concepts. harrison, Ruzzo, Ullman model deals with access control modification, and propigation as well as subject and object creation and deletion.

catch

[groovicus]

Cool, some light reading to go along with my Sunday morning coffee..

[chsh]

Originally posted here by catch
No insult intended, you will just need a different knowledge set to talk about actual system security. If you have this knowledge and are just hold back, then the question is "why?"

Because apparently it is wasting my time and effort to bother to try and discuss the topic. I prefer to speak with people who have open minds, you do not appear at first to be one such person. I may be mistaken, but I am not the one combating an idea of something I have no experience of.

It really bugs me when people try to spin someone making an objective statement about their level of knowledge as an insult, but whatever makes you feel better about the situation I guess. I merely ask that you try and take what I say at face value.

Yes, I have. You made the assumptive remarks about my level of knowledge. It is not 'spin' to believe it to be intended as an insult, nor was it presented in any way as objective.

How do you feel that Linux's access control system compares to NT's?

For any sized network, the relative simplicity of Linux's access control system makes maintenance of such a network much much simpler. On a single host basis, this is infinitely more evident. On a multi-host basis, it requires a few additional steps (setting up an NIS server and creating your user lists), but essentially remains the simplistic matter. NT (or Rather, Windows 2000 Server) has an interesting idea of an AC system, and it does have some benefits such as being able to more finely control what a user is capable of doing (in an easier fashion). I believe that Linux's access control lists scale well, and that Win2K's tends to get difficult to manage. In essence, they can both be broken down to the same functionality, with Win2K having more direct control over operating-system level privileges (such as preventing them from installing any software, making registry entries, and etc), however that is a byproduct of the very nature of the operating system, and as such isn't necessarily good for comparison purposes.

Do you have any thoughts on how these differences may vary as systems get more and more distributed with concepts like ASP and whatnot?

It really depends on how you view an operating system. If you feel that the operating system should be utterly in control of every single layer, then I suppose you are at a disadvantage using any unix, or indeed, even older versions of Windows to an extent. If however, you believe an operating system should focus merely on servicing the tasks it is required to do, and have simpler permissions systems in place to handle access control. From a straight security standpoint, the latter is better IMO. It is more flexible, while permitting restrictions as needed, and can more readily start from a "deny everything, then allow what you need" perspective. The former requires much more administrative time to merely setup, let alone maintain, and your ROI on that will be rather low.

It is my belief that Linux's lack of both modular and centralized granularity of not only access controls but privileges as well will continually force security controls further and further away from the security kernel itself leading to a lower level of assurance across the enterprise resulting in a greater chance of inside compromise and a greater reliance on secure applications.

Nice belief but you are mistaken. Unix has long dominated the massive multi-user network, and if you are foolish enough to compare a standard linux machine lacking NIS hooks to a full Windows 2000 domain then you are not performing a proper comparison. I assume you are well aware of NIS' capabilities, which leads me to wonder where the asusmption that Linux lacks 'modular and centralized' privileges.

[...]
The only correction I can see to this situation is the removal of the concept of "root" in Linux and the addition of more Harrison, Ruzzo, Ullman influenced access controls allowing greater control of specific resources while ensuring those rights are not propagated beyond their original design.

The removal of the superuser account is irrelevant to maintaining proper access controls on a linux (or indeed most unixes) box. If default security measures are irrelevant (as you say) this issue disappears, simply because no system anywhere in a corporation should have any setuid binaries. The superuser access still becomes a valuable tool to admins. Indeed, on such a large network of linux boxes, you would only have a superuser account and any service accounts needed on a machine, you would not bother with user accounts existing on the machine at all, and rely instead of NIS and so forth to provide those services.

[...]
As an experienced professional, nore in the trenches as I were than myself, I'd love to hear your thoughts on the subject.

Then perhaps a piece of advice: next time don't leap to insulting someone's experiences and/or intelligence because you disagree with them or they you. The key to learning is to keep an open mind and be willing to listen to everyone -- especially people in a position to have half a clue.

[ThePreacher]

Originally posted here by catch
ThePreacher, run MSIE as a less privileged user, all bugs fixed without patching. Gee that was tough.

Actually it is tough Catch. Many normal users run everything in windows as root, or admin. They don't even have a less privileged user. In a comparison of how Microsoft fixes its bugs, this is 100% relevant. Many normal users are vulnerable because of these problems never being fixed.