Path: utzoo!attcan!uunet!aplcen!uakari.primate.wisc.edu!zaphod.mps.ohio-state.edu!swrinde!ucsd!ucbvax!VLSI-MENTOR.JPL.NASA.GOV!root
From: root@VLSI-MENTOR.JPL.NASA.GOV (The vlsi-mentor Super User)
Newsgroups: comp.sys.apollo
Subject: RE: security problems
Message-ID: <9006282011.AA28396@vlsi-mentor.jpl.nasa.gov>
Date: 28 Jun 90 20:11:44 GMT
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The Internet
Lines: 15

> I don't see much that an average system administrator can do 
> about Unix password encryption since the *&^%!!! system puts 
> the ^%%HASD&^%%%!!! passwords in a file which *MUST* be publicly 
> readable ... it's things like this that make me *HATE* Unix.

Yea, but not APOLLO. If you keep your rgyds DOWN, nothing can 
access the /etc/passwd file. :) 

BTW, I believe security holes should be broadcast over the net.
This way, they *will* get fixed, and security based upon hidden
information is not secure. 

----
Dave Hayes  dave@vlsi-mentor.jpl.nasa.gov   dave%vlsi-mentor@jpl-mil.jpl.nasa.gov
"The word 'choice' is a fraud when one is taught what to choose."