Summary

This chapter covered the tools and techniques necessary for you to customize your users' capabilities to match those you require them to have. Make good use of these tools to enforce the policies that you've created for your system. Remember that your users will make mistakes and occasionally display poor judgment when using their accounts. Don't take an incident of a user running up against one of your security barriers as a sufficient condition to consider her a danger to your system. Good users sometimes make bad mistakes; this doesn't necessarily make them untrustworthy. On the other hand, if you don't trust an individual, for goodness sake, don't give him an account!

Plenty of the most important users in computing history ”people such as Randal Schwartz (http://www.swiss.ai.mit.edu/6805/articles/computer-crime/schwartz-matrix-news.txt), Dan Farmer (http://www.trouble.org/survey/), and even ACM Turing Award winner Ken Thompson (http://www.acm.org/classics/sep95/) ”have done things that most would consider questionable, and in some circles even criminal, in their work, experimentation, and learning with computers. Without these people, the computing world would be a much poorer place, and we owe them a debt of gratitude for what they've done for us, in some cases after having been thoroughly undone by their administrative staffs.

In the global community of computing security, generating the next generation of computing greats is everybody's problem. It might not always seem like it, but it's usually in your best interest to contribute to the community what you can, when you can. Sometimes, that contribution will be in the form of well- educated users, who've learned enough about computing security to develop and implement the next generation of computing security tools.