I have really mixed feelings about your thoughts because "It's too hard" is a very slippery slope, one that leads to complacency far too easily. In turn, complacency leads to compromise (in both senses of the word).

Given the rise of distributed DOS attacks, the practice of using compromised systems as gateways to further mayhem, and other common tactics, I really don't think it's unreasonable to make things a little harder than they need to be in order to add basic and reasonable precautions.

(I'm reasonably certain that you're aware of this, but I'm trying to point out that many hacks are executed through very common and easily fixed vulnerabilities.)

Yes, of course there's a balance, but I would argue that you need to draw the line a little farther from the knife edge.

Users will complain about being forced to change their passwords and to mix case, add numbers, and so on. But they eventually learn and adapt.

They will not do it on their own; you (the admin) must educate them. Given the number of excellent sources and the publicity surrounding certain hacks, this doesn't need to be overly time consuming.

Your boss wants you to code? Fine, get him to let you code decent starting places for your users. If they're using FormMail, give them a more secure version. Give them packages of convenient, easy-to-use routines designed to be safer.

Let them use their FTP clients...on realms isolated from data. Don't let them play in a sandbox on the same machine as the one running your database.

I think part of tilly's warning is that there are far too many basic, easy, and well-known things you can do to prevent most problems. Be sure you use them.

Do you really want modern versions of Al Capone running through your systems?

Also, try to get your boss to allow you two hours a day for research to be spent on non-billable projects. Explain to him the benefit of having a more educated admin/programmer. Show him that this is an investment that will pay off over time.

Yes, there's a balance between total security and reasonable access. Take the time to make sure you've drawn that line as carefully as possible. If you don't know where it is, you will learn...one way or the other.

(Not trying to flame you or anything. Just trying to make it perfectly clear that it's far too easy to be complacent. Ignorance must be resisted as strongly as possible.)

"It's too hard" is not a valid excuse in my book. "Acceptable Losses" may be a better term.


Update: In response:

I think we're arguing the same viewpoint from different angles. I do agree that 100% security is difficult, expensive, and restrictive. I was really trying to say be very, very careful with your compromises.

Specific points:

Again, this is friendly discussion that's not intended to inflame. I'm trying to solve problems, not criticize anyone's decisions, work, or choices. Most of us care enough about our work to keep poking at it after it's "done." That's the attitude that I'm trying to encourage. Do the best you can at the moment, accept your limitations, and try to improve when and where you can--even if that's the next project.

In reply to Re: Re: Stay aware of security by footpad
in thread Stay aware of security by tilly
