[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [coldsync-hackers] Re: Security considerations
On Tue, Feb 27, 2001 at 05:03:53PM -0500, Alex Tronin wrote:
> I wouldn't bother too much about security with ColdSync.
> Most of the time person who makes a connection with the machine has physical
> access to it ( may be it less the case if you have infrared connection ), so
> why bother too much ?
Because the person who has physical access to the machine may
not be the owner of the machine, or the person responsible for it.
In real life, I'm a sysadmin. I'd like to offer ColdSync as a
supported service. However, I won't allow it on my network if I don't
think that it's reasonably safe.
Also, I don't want to see my name in a CERT advisory.
> So I would assign to sync process non-priviliged user like "nobody" and
> chroot-ed it to designated directory.
This works, but in a multi-user environment, it can be either
overly restrictive or a pain to administer (this may, of course, be
what you want).
> Main problems, IMHO, are in connection.
Could you elaborate?
--
Andrew Arensburger This message *does* represent the
arensb@ooblick.com views of ooblick.com
The less you bother me, the sooner you'll get results.
--
This message was sent through the coldsync-hackers mailing list. To remove
yourself from this mailing list, send a message to majordomo@thedotin.net
with the words "unsubscribe coldsync-hackers" in the message body. For more
information on Coldsync, send mail to coldsync-hackers-owner@thedotin.net.