Xref: utzoo comp.unix.programmer:1347 alt.sources.d:1631
Path: utzoo!news-server.csri.toronto.edu!rpi!usc!cs.utexas.edu!samsung!sol.ctr.columbia.edu!ira.uka.de!smurf!altger!doitcr!de.intel.com!intelhf!agora!toontown!sequent!mntgfx!qiclab!m2xenix!percy!tektronix!zephyr.ens.tek.com!uunet!spool.mu.edu!sdd.hp.com!zaphod.mps.ohio-state.edu!wuarchive!csus.edu!nic.csu.net!csun!kithrup!sef
From: sef@kithrup.COM (Sean Eric Fagan)
Newsgroups: comp.unix.programmer,alt.sources.d
Subject: Re: -x implementations
Message-ID: <1991Mar12.102013.2252@kithrup.COM>
Date: 12 Mar 91 10:20:13 GMT
References: <QMY9-24@xds13.ferranti.com> <1991Mar08.19402.5369@kithrup.COM> <S3+9E31@xds13.ferranti.com>
Organization: Kithrup Enterprises, Ltd.
Lines: 15

In article <S3+9E31@xds13.ferranti.com> peter@ficc.ferranti.com (Peter da Silva) writes:
>Does "auth" have write access to these files? If so then you haven't changed
>the problem any. Just made it more obscure. Nothing that someone with adb
>and a little determination couldn't crack.

As a matter of fact, the files are accessible to those who know where they
are (assuming they are in group auth).  Note, btw, that I don't think this
is any more insecure than any other unix with multiple groups; you just
don't put people in group auth 8-).

-- 
Sean Eric Fagan  | "I made the universe, but please don't blame me for it;
sef@kithrup.COM  |  I had a bellyache at the time."
-----------------+           -- The Turtle (Stephen King, _It_)
Any opinions expressed are my own, and generally unpopular with others.