fix for login
Vernon Schryver
vjs at rhyolite.wpd.sgi.com
Tue Mar 5 03:38:46 AEST 1991
In article <9103022329.AA13891 at nazgul.physics.mcgill.ca>, loki at NAZGUL.PHYSICS.MCGILL.CA (Loki Jorgenson Rm421) writes:
>
> OK.... if its public pressure that SGI need to publish the
> fix or post the binary on sgi.com, I am adding my voice to the chorus.
> I have had more than my share of run-in's with the passwdreq bug and
> its pretty irritating.
>
> SGI, please post a fixed /bin/login.
Silicon Graphics is a commercial, for-profit organization. The NFSNET and
BARRNet acceptable use restrictions explicitly prohibit us from using the
Internet or BARRNet for private gain. We can post things for the use of
universities, other educational institutions, and non-profit research
organizations. We cannot post them for others.
It is true that another commercial workstation vendor obtained permission
to offer support over the Internet. It is also true that that wording of
that permission was quite careful. It said, in part,
If this service is made available to for-profit institutions, you sould
(sic) have your for-profit users sign an agreement that their use of
the NSFNET would be limited to research and/or education and will be
consistent with the attached NSFNET Acceptable Use Policy.
It would be at best complicated to get our "for-profit" customers to sign
such an agreement, and to ensure that only those who had signed and those
who at "academic and research institutions" could get the fixed binary.
It is one thing to bend the rules for security fixes in a new sendmail, or
to blink at them with a sendmail that does MX, since all Internet email is
supposed to be to or from "academic and research institutions" and so a
fixed sendmail at commercial site helps the academics. A similar rational
seems unlikely for fixing /bin/login at commercial sites.
Vernon Schryver, vjs at sgi.com
More information about the Comp.sys.sgi
mailing list