× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  • Subject: RE: Programmer Authorities
  • From: "Weatherly, Howard" <hweatherly@xxxxxxxxxxxx>
  • Date: Tue, 16 Sep 97 13:33:00 EDT


I agree that accidents happen, thats why if nothing else gets done on a 
regular basis, the backups do.

As for the role playing, obviously you have not spent much time in the 
highly paranoid world of the Federal Government. Some individuals refer to 
that Superuser as having God authority, same thing for the Mainframes; We on 
the 400 have fostered as best we can an open environment. Yea even I.... 
delete things that should not be deleted, but the bases are covered.

The big problem comes about when access is restricted without explenation as 
to why! Another problem is when people must smootch someones butt just to 
get what they "need" to get what they have been told to do, done. "Need" is 
of course different for different people.

"We" do not always take the time to assess peoples needs with respect to 
authorities, oft they are out there just a-festering with resentment because 
they cannot get things done. So all I am really saying is by all means cover 
yourself, but talk to those folks, you may be surprised at what is going 
through thier minds.
 ----------
From: Vern Hamberg
To: MIDRANGE-L
Cc: Weatherly, Howard
Subject: RE: Programmer Authorities
Date: Tuesday, September 16, 1997 11:03AM

At 09:13 AM 9/16/97 EDT, you wrote:
>
>If you dont trust your programmers and give them some sense of  your
>confidence
>in them,  they will soon be working for your competitors.

Right, but no amount of confidence can prevent accidents. Most problems
with security come from accidental deletion of objects, etc., not from
malicious hacking. It is critical, IMO, to forestall the idea that
enforcing security is about restrictions or punishment. Being security
officer or (in Unix terms) superuser is not about power or playing God.
It's about managing the system(s) so that everyone--repeat, everyone--can
best get their work done. Excess authority does not get more work done, it
just leaves open the possibility of accidental and (rarely) malicious 
damage.

I've been there--I like having the power--and I have to resist the impulse
to wield it unfairly when I have it, as I do now. I find it useful to
remind myself that the reason I have any privileges is that I've been asked
to do certain jobs that require these privileges, and I guess I've shown
myself worthy of trust in these things. I've __still__ brought every
machine to its knees by carelessness, but I'm learning, too.

We've been through a painful transition from absolutely no security, to all
intents and purposes, to a moderately secure environment. We're coming out
on the other side and are still alive. When things happen, we always assume
no malice was involved.

Security does not mean paranoia!!

Of course, just because you're paranaoid doesn't mean they're not really
after you! :->

Vernon Hamberg
Systems Software Programmer
Old Republic National Title Insurance Company
400 Second Avenue South
Minneapolis, MN 55401
(612) 371-1111 x480
+---
| This is the Midrange System Mailing List!
| To submit a new message, send your mail to "MIDRANGE-L@midrange.com".
| To unsubscribe from this list send email to MAJORDOMO@midrange.com
|    and specify 'unsubscribe MIDRANGE-L' in the body of your message.
| Questions should be directed to the list owner/operator: david@midrange.com
+---


As an Amazon Associate we earn from qualifying purchases.

This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.