How secure is UNIX?
David Elliott
dce at smsc.sony.com
Tue May 29 12:28:54 AEST 1990
In article <6365 at amelia.nas.nasa.gov> samlb at pioneer.arc.nasa.gov.UUCP (Sam Bassett RCS) writes:
>
> Moral of the story:
>
> Don't put passwords in your .netrc, dum-dum. (Or anywhere that
>*anybody* can read 'em -- even you!) (Don't assume it's the sysop,
>either -- assume that UNIX is *NOT* secure until it is proven otherwise.)
I think that the problem here, Sam, is that the .netrc file is "an
attractive nuisance". Not only does the .netrc file give you a place
to put a password, the documentation tells you that this feature won't
be used if the file is readable by others. In essence, it is saying
"it's safe to put passwords here".
So, while I agree with most of your moral, I disagree with the "dum-dum".
Anyone can be lulled into a false sense of security with the way passwords,
permissions, and so forth are documented.
--
David Elliott
dce at smsc.sony.com | ...!{uunet,mips}!sonyusa!dce
(408)944-4073
"If I had a hat the size of Oklahoma, I'd be a happy person."
More information about the Comp.unix.questions
mailing list