lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20040213115624.T16238@dekadens.coredump.cx>
From: lcamtuf at ghettot.org (Michal Zalewski)
Subject: Re: Removing FIred admins

On Fri, 13 Feb 2004, Steve Wray wrote:

> Actually, isn't that what DRM is all about?

No, not in the real world.

Here's a good hint: hire reasonable people, treat them well. To help them
help you, establish access policies, keep admins accountable, and track
access rights. Require more than one person to carry out certain critical
actions.

Keep in mind that accounting and cleanup procedures are the last line of
defense. When employees turn against you, you can clean it all up, but
they still are an enemy you rather would not have.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ