Protecting against downloads
Michael P. Deignan
mpd at anomaly.sbs.com
Thu Sep 13 09:42:29 AEST 1990
heiser at sud509.ed.ray.com (Bill Heiser - Unix Sys Admin) writes:
>A *ix sysop I communite with recently told me that he'd caught one of
>his "shell-access" users downloading *ix binaries. Since I'm getting
>ready to set up my system for public access, this concerns me. How
>do you all who run public-access systems protect yourselves against this
>kind of thing? If it went on for long enough, the person could get
>himself an entire OS for free!!
Well, getting an entire OS for free is a bit far-fetched for a user to
accomplish, since there is a little more to the installation process than
merely copying files off a floppy disk onto a hard drive.
I don't mind shell users downloading binaries, and long as they are from
"freeware" type packages, like ELM, GCC, etc. I get upset when I see
someone downloading my /bin/sh (which, with the proper patches to the
binary and re-uploaded might become a formidable tool for the wrong user)
which I purchased, and subsequently puts me in violation of my license
agreement. Of course, if someone said to me: "Hey, I just trashed my
/bin/csh, mind if I download yours?" and I know they have the same OS
that I do, then I don't mind too much (although, technically I suppose
that too is a violation of the same license agreement...)
>As far as I can see, we either have to trust the users that we give
>shell access to, or make kermit/sz, etc unavailable to them. I guess
>we could just make downloads only available thru the "bbs", rather than
>from the shell ...
This is one way to prevent the problem from happening, albeit a bit
difficult for legitimate shell users to grapple with. I find it is merely
easier to trust someone until they give me reason not to. Of course,
another *NIX user, with 'CU', could still '%get' a file from your system!
Right now, as I'm starting the process of getting a second modem installed
for our system, is wondering how I'm going to prevent shell users from
'<insert-your-favorite-comm-program-here>'ing off on my second line to
BBS's in the UK!
MD
MD
--
-- Michael P. Deignan, President -- Small Business Systems, Inc. --
-- Domain: mpd at anomaly.sbs.com -- Box 17220, Esmond, RI 02917 --
-- UUCP: ...uunet!rayssd!anomaly!mpd -- Telebit: +1 401 455 0347 --
-- XENIX Archives: login: xxcp, password: xenix Index: ~/SOFTLIST --
More information about the Comp.unix.sysv386
mailing list