Path: utzoo!attcan!uunet!bu.edu!att!emory!wuarchive!cs.utexas.edu!news-server.csri.toronto.edu!helios.physics.utoronto.ca!alchemy.chem.utoronto.ca!system
From: system@alchemy.chem.utoronto.ca (System Admin (Mike Peterson))
Newsgroups: comp.sys.apollo
Subject: (was Re: Registry problems AGAIN)
Message-ID: <1990Oct31.172607.6456@alchemy.chem.utoronto.ca>
Date: 31 Oct 90 17:26:07 GMT
References: <9010302021.AB01586@meto.UMD.EDU> <4db69e88.1bc5b@pisa.ifs.umich.edu>
Organization: University of Toronto Chemistry Department
Lines: 23

In article <4db69e88.1bc5b@pisa.ifs.umich.edu> rees@citi.umich.edu (Jim Rees) writes:
>In article <9010302021.AB01586@meto.UMD.EDU>, austin@METO.UMD.EDU (Austin L. Conaty) writes:
>  It is sort of funnnnny that a root crp'd on has limited
>  rights when joe schmoe can walk in type shut, ex invol
>  option 1, and really ruin your day.
>
>That's not funny at all, that's the way it should be.  Joe can always walk
>in with an arm full of explosives and ruin more than just the software.  If
>you want the machine to be secure, you have to secure it from physical
>access as well as network access.

Allowing any user/twit to do shut/exit from the display is RIDICULOUS - the only
way to secure the system is to put the display away in a locked room, which
makes it really useful for doing work :-(. We already have all the
cpu boxes in a locked room, with only the monitor/keyboard cables coming
out in a public access room, to keep busy fingers off the RESET and
power buttons. All commands that would shut the system
from a shell have got 750 permissions on them, in case you're wondering.
BTW, this is supposed to REALLY be fixed in SR10.3, I'm told.
-- 
Mike Peterson, System Administrator, U/Toronto Department of Chemistry
E-mail: system@alchemy.chem.utoronto.ca
Tel: (416) 978-7094                  Fax: (416) 978-8775