Re: LYNX-DEV Re: ...vulnerability in Lynx...

[Scott McGee (Personal)]

address@hidden (Larry W. Virden, x2487) writes:

>> In message <address@hidden>, Scott McGee (Personal) writes:
>>  ] Come on now! Lynx isn't some DOD hyper sensitive program with top secret
>>  ] data that should only be run in a ultra secure environment, it is a web
>>  ] browser. It should attempt to run in any environment it is asked to. If 
>> the
>>  ] system Lynx is run or compiled on is noticably insecure, then _AT MOST_ it
>>  ] should issue a polite, ignorable notice, and then continue to run.
>
>I'll go even further.  If lynx isn't going to be secure, then it needs
>to advertise the fact.  At that point, it will no longer be used by
>ISPs, who _need_ lynx to be "some DOD hyper sensitive program with top
>secret data", or at least to be able to be secured to protect everyone's
>data on the machine.
>
>Folks are doing _business_ on these systems.  If Lynx can be used to
>compromise someone's account, then they may lose money - or information
>someone else would prefer to keep private (medical bills, credit information,
>etc.).

Then if they aren't providing basic security such as a /tmp directory with
the "sticky bit" set, then they have much worse problems than Lynx!

Maybe we should just bundle SATAN with Lynx, and have Lynx use SATAN to do
a full security check before we allow Lynx to run!

Seriously, it is not Lynx's job to enforce or even check security. It must
avoid introducing additional security risks. If the system has an insecure 
/tmp directory, then lynx is no worse than dozens of other programs, so it
must still function, or it is worthless. If the /tmp directory IS secure, 
then and only then does Lynx's security become an issue here. If we can fix
Lynx to operate securely IN THAT ENVIRONMENT, the we have done our jobs. We
don't have to check for unsecure /tmp directories and refuse to run, or run
a full SATAN check or any such nonsense.

Hey, I am getting worked up about this, and don't need the frustration. I
don't seem to be getting through to anyone, and do seem to be upsetting a
few others so I'll just drop this whole issue now. You guys sort out whatever
you want to do, and do it. I'll just sit back here, keep the devel 
environment operational for the devel team, and watch what happens. If anyone
cares to engage in further discussion of this with me, do so by private email.

Scott

  If at first, you don't succeed, | address@hidden (Scott McGee)
  go fry a hen. After all, fried  | -----------------------------------------
  chicken beats failure any time. |  I was paid $5.00 to express these views!
  ------------> http://www.genealogy.org/~smcgee/homepage.html <-------------
;
; To UNSUBSCRIBE:  Send a mail message to address@hidden
;                  with "unsubscribe lynx-dev" (without the
;                  quotation marks) on a line by itself.
;