I totally agree with you when you say that we must be security aware.

However, in real life you just CAN'T always set up the adequate security level.

I mean security is almost always a tradeoff for ease of use...

Of course you can recompile your kernel adding various security patches, audit your sources, log everything on your box,
change your password to a random one every week (and remember it), disable all unused ports,
set up a tcpwrapper AND a firewall, use secure protocols (ssh, IMAP(?)) and forbid the insecure ones (telnet, ftp...),
you can spend 2 hours a day browsing for security holes on vulnerability lists and patching all your proggies to new versions...

But will it be necessary for a single-user box, with no sensitive data and connected a few hours a day to the net?
Even if some of you scream 'YES' the answer is 'no' (mainly because of the hours lost in the patching/upgrading work ;-)

Security must be adapted to the level of security you NEED.

Enhance the security where it's necessary (or at least where it's the most efficient).

Don't get me wrong! In a perfect world (where I would get paid to do it full time, with skillful users accepting the drawbacks)
the 'everything should be secure' policy would be fine.
Sadly, my boss thinks my job is to code as much as I can, and allows me almost no time to administer 5 servers and several workstations.
My users say SCP is too complex and that they WANT to use their (unsecure) AceFTP client.
So in this world I have to carefully use the little time I have to enhance the security with maximum efficiency (with the little time/resources I have).

So IMHO, even if you must always be security aware, there are some things that you can't afford to do.

It reminds me of the (Merlyn?) 10/10 rule about 'use strict', stating that any script with more than 10 lines
or running more than 10 times should be using use strict.
We should always use the strict pragma, but we can't afford it for simple cases...

Have you ever wondered why there are so few B1-compliant computers?
It's only because REAL security makes the use of a computer REALLY horrible.

So even if it's not so clear, here is my message:

Be security aware, especially because you CAN'T reach true security, and try to make things as secure AND easy AS YOU CAN.

"Trying to be a SMART lamer" (thanx to Merlyn ;-)

In reply to Re: Stay aware of security by arhuman
in thread Stay aware of security by tilly
