Well, with the same reasoning, we don't need passwords or protection bits on files, since I can always take a piece of steel pipe and beat the owner, until he gives out the data, so why bother?

Blocking chown for general users is one level of several controls. Given the need, it is always possible to thwart an attack, with additional controls. And of course, given a set of controls, is is always possible to find an attack that will be successful. It all depends on the cost of the protection, the attack and of the data being protected.


2014/1/13 John Cowan <cowan@mercury.ccil.org>
Tim Bradshaw scripsit:

> For instance imagine I want to pass some customer data to which I have
> access to you, who con't have access, for purposes of malice.

Download the file and mail it to me via anonymous remailer.  Failing
that, use your cell and take snapshots of the screen.  Failing that,
write down the data with pen and ink and send it by snail mail.

If I own a file, I can always get the contents to you one way or another.
Blocking chown doesn't help.

Let's face it: software is crap. Feature-laden and bloated, written under
tremendous time-pressure, often by incapable coders, using dangerous
languages and inadequate tools, trying to connect to heaps of broken or
obsolete protocols, implemented equally insufficiently, running on
unpredictable hardware -- we are all more than used to brokenness.
                   --Felix Winkelmann
TUHS mailing list