Author: Dr. Nikolaus Klepp Date: To: dng Subject: Re: [Dng] vdev update and design document
On Monday, 5 January 2015, Martijn Dekkers wrote:
> On 5 January 2015 at 07:47, Enrico Weigelt, metux IT consult <
> enrico.weigelt@???> wrote:
>
> > On 05.01.2015 00:40, Jude Nelson wrote:
> >
> > >> In VAX/VMS there was a feature that could in theory be useful,
> > >> though I've never seen it actually used. File permissions could
> > >> forbid the root user from reading the file. This might be useful
> > >> for dire secrets. Even the sysadmin couldn't back up that file.
> > >
> > > I think for some applications (like dealing with medical records), this
> > > is a legal requirement.
> >
> > No, certainly not (I'm currently working in that area) - that's just
> > misinterpretation. Instead you'll need clear access control rules,
> > which might have to prevent _operators_ from accessing certain data.
> > In that case, operators won't have root access.
> >
>
> That answer is just plain wrong. There are several areas where there are
> significant legal requirements around disallowing the concept of a root /
> UID 0 user to have overriding access. Please be advised that SELinux was
> built by the NSA *specifically* to be able to meet these legal
> requirements. Think Government, Finance, Defense, Intelligence, Law
> Enforcement, Medical. Yes, this is first-hand, practical knowledge. Stating
> that there is no legal requirement anywhere for restricting access to
> information only to a certain group of users is .... funny ....
Oh, wasn't the NSA the "inventor" of e.g. the compromised elliptic curve in the NIST standard? I would not give a cent on anything that has an NSA label on it. Be aware that the "legal" concept of the US/UK is confined to those countries and luckily not addressable worldwide.
There's a saying: "For every security problem there is a juridical solution". Take a look at De-Mail to see how that turns out in practice.
Nik
--
Please do not email me anything that you are not comfortable also sharing with the NSA.