RE: Proof of concept - Segregation of developers

From: Dunn, Kevin (KSDunn@firstcommand.com)
Date: Mon Mar 05 2007 - 14:23:21 EST


WALI -

I would submit that by specifying "malicious intent" in your scenario
you are closing off the vast majority of problems that can arise in
environments where strict controls between development, testing, and
production environments are not applied. Your original question is very
valid - however I would be interested in responses to a broader question
also.

In my opinion, the majority of problems occur when things are "fixed" in
production. This is a natural impulse, as the overwhelming majority of
people in the information technology field are "fix it" people. We do
not like to see a problem go on for a minute more than necessary.

However, when development teams are allowed access to production for
debugging and remediation, the following items can occur in the "heat of
battle" without any malicious intent.

-- A fix is created and applied - but not applied to the source code
system so the problem re-occurs with the next code update.

-- Unknown exploit code on the developer's machine has access to live
production data - potentially HIPAA or trade secret data which can cost
significant resources if exposed.

-- Ad-hoc logging and tracing functions are created, causing problems
later when log files grow in strange, out of the way places and cause a
server to crash due to disk or resource exhaustion.

-- The same ad-hoc logging and tracing functions create logs which
contain sensitive data which are unknown and unmonitored and
subsequently not handled in a secure manner.

-- Debugging code is activated in production which causes unexplained
system slowness.

Unfortunately for the proof of concept aspect of your question - it is
difficult to prove that these things will occur. However, you can show
through mathematical analysis of an organization's operational and
software defect percentages the likelihood of these items occurring.

Hope these thoughts help. Best wishes on your research, I hope you are
able to share the results with the list.

Kevin Dunn




This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:38 EDT