How secure is UNIX?
Roger Jagoda
rogerj at batcomputer.tn.cornell.edu
Mon Jun 11 08:49:48 AEST 1990
In article <1931 at aurora.cs.athabascau.ca> lyndon at cs.AthabascaU.CA (Lyndon Nerenberg) writes:
>samlb at pioneer.arc.nasa.gov.UUCP (Sam Bassett RCS) writes:
>
>> I agree -- the documentation should be more straightforward about
>>the dangers of the .netrc, and for d**n sure, whoever is teaching kids
>>about UNIX should point out the problem -- especially at Berkeley.
>
>.netrc is an ugly BOTCH and should be removed from ftp. I guess I
>have something to do this afternoon ...
Wait, the .netrc file DOES have a good use--anonymous FTP sites. I mean
how many times do you REALLY want to type ANONYMOUS anyway. Sam's right,
the UCB kids just need better teaching about the tool, although, UNIX
has this problem in other tools too. Just MHO. As for the passwd file
being readable by ANYONE, there's no argument I know of that can be
presented for why that EVER was a good idea. If a file is readable it is
useable, or MIS-useable. Novell, VMS, IBM OSes all have similar files that
are NOT readable...for good reasons. Now, shadow passwd files are part of
the solution, allowing the OS to get by with a passwd file with attributes
of 600 is another part and doing away with the file altogether is the BEST
part!
--
------------------------------------------------------------------------------
Roger Jagoda -- My employers don't even like paying
Cornell University me, let alone accept responsibility
fqoj at cornella.cit.cornell.edu for anything I say or do! --
More information about the Comp.unix.questions
mailing list