workstation security
bh at cs.brown.edu
bh at cs.brown.edu
Sat May 6 10:13:13 AEST 1989
It would seem that the "best way" to deal with network security involves a
network-wide authentication service (Kerberos, etc). The efforts to make
an individual workstation (or any machine not behind a locked machine room
door) difficult to halt or boot in some sort of maintenance-mode (single
user, diag mode, etc) still don't guarantee that some server can trust the
client workstation and only make normal servicing more difficult.
For example, in the Sun boot prom you could easily (:-) ) L1-A the
machine, use the a prom command to update some memory location such as the
uid field of some user structure to say... 0, and then ``c'' back...
and....
Is Sun (or any one else) working on product involving Kerberos or
something like it? Is this were Sun is going with C2 security and secure
NFS?
Bent
More information about the Comp.sys.sun
mailing list