Unix userid conventions

rbj at icst-cmr.arpa rbj at icst-cmr.arpa
Fri Mar 13 09:24:39 AEST 1987 

? Until recently, userids on the  Suns  consisted  of  users'  last
? names.   Our IBM systems use userids which are unique 6-character
? alphanumeric codes obtained by taking a  user's  Social  Security
? Number  base  36 (or something like that).  As far as the user is
? concerned, it's a random userid (e.g. QZX1RS).  In  the  interest
? of  security. the powers that be have decided to use this type of
? userid on the Sun system.  Naturally, the Sun users balked.  I've
? tried  to reason with the system administrators, but to no avail.
? I pointed out that enforcing  stricter  password  usage  measures
? would  be  a  better  solution  (e.g.  password  aging, computer-
? generated passwords, minimum length passwords,  etc).   I  notice
? that  nearly every contributor to unix-wizards has a userid which
? consists of either the user's last name, first name, initials, or
? some  combination  of  these.  Surely you guys are concerned with
? security?! (the response I got  was  that  csnet  users  are  all
? university  types  (and  I  guess  I  was supposed to assume that
? university types aren't security-conscious)).
? 
? Can anyone come to my defense?  Thanks for your time.

Sounds like the EDS bozos. Pretty brain-damaged, eh? All you can do is
play their game. As mike at brl suggested, get that report.

All you other groovy people commenting on this have missed the point:
Merely *knowing* that a given user has an account on a machine provides
a clue as to where to look. Anonymity provides some `security'.

Tell them it's a violation of your privacy to use your SSN as an input
to a function.

Just wait till those suckers find out the password file is readable :-)

	(Root Boy) Jim "Just Say Yes" Cottrell	<rbj at icst-cmr.arpa>
	Why did Paul Simon name his album after Elvis Presley's house?

Disclaimer: I speak for myself. NBS doesn't necessarily think likewise
of EDS, but just the same, I haven't seen any of them working on any
of our contracts either.

P.S. Say HI to Myron Ginsberg for me.

More information about the Comp.unix.wizards mailing list