Sunday, March 25, 2007
Cohen on Howard: Chapter 21
Chapter 21 covers securing the software installation experience.
Cohen:
Then comes the really hokey advice. Like that systems administrators should be able to alter application programs. Really? Since when should users who are the "administrators" on their computers be able to alter the binary code of an executable from a vendor?
Again, Cohen doesn't offer a source for this statement. I don't believe the chapter said this.
Cohen:
And why should we put keys to codes in the system-wide registry file instead of a file that is protected from read by others?
The chapter doesn't advocate this, either. Instead, it points out that the registry can be a nicer choice than a file since it offers fine-grained access control, per-value, whereas files can only offer security per-file.