Path: utzoo!utgpu!news-server.csri.toronto.edu!bonnie.concordia.ca!uunet!zaphod.mps.ohio-state.edu!pacific.mps.ohio-state.edu!linac!att!ucbvax!ulysses!ulysses.att.com!smb
From: smb@ulysses.att.com (Steven Bellovin)
Newsgroups: comp.unix.wizards
Subject: Re: What makes one problem more significant
Message-ID: <14821@ulysses.att.com>
Date: 17 May 91 17:26:35 GMT
References: <25239:May1416:21:3591@kramden.acf.nyu.edu> <16155@smoke.brl.mil> <16164@smoke.brl.mil>
Sender: netnews@ulysses.att.com
Lines: 23

In article <16164@smoke.brl.mil>, gwyn@smoke.brl.mil (Doug Gwyn) writes:
} I'm not sure I quite understood these categories. Are they the same as:
} 1. secure against attack by outsiders
} 2. secure against attack by insiders
} 3. secure against accidents
} In these terms, we generally consider category #2 to be something that
} can be dealt with by administrative action, and category #3 is expected
} to be handled by the operating system. The login password system ought
} to be sufficient to cope with category #1; however, with the advent of
} .rhosts and NFS there are a lot of new holes to plug.
}
} I think Dan was going after a problem in category #2, which I don't
} find particularly interesting.

My concerns, and probably Dan's, are twofold. First, in a comparatively
uncontrolled environment -- say, a university, where the comp center has
to take more or less all comers -- a lot of damage can be done before the
administrative procedures are used. Second, and more serious, I worry
about hackers breaking in to your system via some bug, and then using it
to launch attacks on others. Collecting passwords is a time-honored
hacker technique.

--Steve Bellovin