Path: utzoo!utgpu!jarvis.csri.toronto.edu!clyde.concordia.ca!uunet!aplcen!samsung!think!snorkelwacker!bloom-beacon!athena.mit.edu!jik
From: jik@athena.mit.edu (Jonathan I. Kamens)
Newsgroups: comp.unix.questions
Subject: Re: Passwords and salts
Keywords: passwd, password, salt
Message-ID: <1990Jan15.030347.16562@athena.mit.edu>
Date: 15 Jan 90 03:03:47 GMT
References: <943@targon.UUCP> <85606@linus.UUCP> <1990Jan8.232650.6615@i88.isc.com>
Sender: news@athena.mit.edu (News system)
Reply-To: jik@athena.mit.edu (Jonathan I. Kamens)
Organization: Massachusetts Institute of Technology
Lines: 21


In article <943@targon.UUCP>, andre@targon.UUCP (andre) writes:
> In article <1990Jan8.232650.6615@i88.isc.com> daveb@i88.isc.com (Dave Burton)
> writes:
> >That is not being responsible - you have no way of verifying this truth of
> >this statement. Besides, I may be the sysadm from my posting machine, but
> >use the program on another which I'm not.
> 
> Oh yes you can! If you want to check this, just ask the person in question
> to re-mail the request as root from his machine and then mail the sources
> to the same root. This way even if he succeeds in faking a uucp header, his
> administrator will catch him.

  Excuse me, but how does mailing the code to root on one machine prevent the
recipient of the code from copying the code to another machine and compiling
and executing it there?

Jonathan Kamens			              USnail:
MIT Project Athena				11 Ashford Terrace
jik@Athena.MIT.EDU				Allston, MA  02134
Office: 617-253-8495			      Home: 617-782-0710