BSD tty security, part 3: How to Fix It
Chris Siebenmann
cks at hawkwind.utcs.toronto.edu
Thu May 2 07:39:02 AEST 1991
lm at slovax.Eng.Sun.COM (Larry McVoy) writes:
| Is all this fuss really worth it? I hate to appear caveliar and I
| don't speak for Sun, just as a user, but does anyone really care? OK,
| anyone except the Feds? Yeah, the system is insecure. In many
| places. It seems to me that worrying about anti-social behavior
| through tty's is the least of our problems.
This is only true if you trust (or mostly trust) your user population.
This is probably true at most commercial and research sites, less true
at educational machines used by professors and graduate students, and
not necessarily true at all for undergraduate machines. I'd like to
trust the undergraduates, and to a certain extent I do, but not to this
extent.
Worse yet, it is VERY hard to have any sort of control over who gets
accounts and access; students come and go, accounts are left inactive
when people drop the course, people share their passwords with others,
and people use easy to guess passwords. With some work, just about
anyone could walk off the street here and log onto one of our
undergraduate systems, and I have every reason to believe that some
people do. All I can do is to make sure that once someone has managed
to log on, the amount of damage they can do is minimized and easy to
fix.
--
"This is what separates us system programmers from the
application programmers: we can ruin an entire machine and
then recover it, they can only ruin their own files and then
get someone else to restore them" - Geoff Collyer
cks at hawkwind.utcs.toronto.edu ...!{utgpu,utzoo,watmath}!utgpu!cks
More information about the Comp.unix.wizards
mailing list