Re: Tightening up security for quarantine script

From: Pierre Dufresne (pierre.dufresne_at_messf.gouv.qc.ca)
Date: 02/06/04

  • Next message: Watson, Michael: "RE: Tightening up security for quarantine script"
    Date: 6 Feb 2004 15:27:11 -0000
    To: focus-ms@securityfocus.com
    
    
    ('binary' encoding is not supported, stored as-is) In-Reply-To: <20040205150521.21276.qmail@www.securityfocus.com>

    Thank you all for your comments.

    Alan Melia suggested to use a compiled program instead of a script. This is exactly what I thought of at first because it would somehow hide the return code and make it less easy for someone to modify. Since I am not trying to make this completely secure, this solution seemed acceptable.

    I may be wrong here because I just started experimenting with the quarantine feature but the connection profile created with CMAK places the script or program in a specified directory. I think that overwriting it with a simple script with the same name would do the trick (if someone can somehow obtain the return codes).

    In the end, I think there is no simple solution to this. Usually, security by obscurity is not really a solution, but in this case it provides a satisfactory slightly higher level of security (at least for our environment).

    Thanks

    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------


  • Next message: Watson, Michael: "RE: Tightening up security for quarantine script"

    Relevant Pages