Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!mips!pacbell.com!att!princeton!njin!birchall
From: birchall@pilot.njin.net (Official Random)
Newsgroups: comp.admin.policy
Subject: Re: SUSPEND SYSOPS, NOT STUDENTS
Message-ID: <Jun.12.22.13.31.1991.14344@pilot.njin.net>
Date: 13 Jun 91 02:13:35 GMT
References: <20740@slice.ooc.uva.nl>
Organization: New Jersey Intercampus Network
Lines: 24

I'm with the dutchman on this... it's not nice to go around taking other folk's
accounts, but if I do a grep :: /etc/passwd, and get ANYTHING back (other than
maybe a root or uucp), there are people using the machine that just plain should
not be allowed near anything more powerful than a Z-80 based CP/M machine.  The
fault is not to be solely lain on the "hackers."  As administrators, you (we?)
should have the intelligence to explain THOROUGHLY to users exactly how to set
a password that can't be easily compromised.  We should also have the common 
sense to occasionally DO a grep :: /etc/passwd and either notify those users
who don't have the sentience to set passwords, or set their shells and ~dirs
to /dev/nul or some such :)

[Note: I am not a true "Administrator."  I am, by most meanings, a "Hacker."
I tend to use resources that no one else needs or wants.  If I find a security
hole, I notify the appropriate authorities.]

		-sh

birchall@pilot.njin.net  birchall@njin.bitnet  shag@mercury.njit.edu
shag@mercury.bitnet  shag@gnu.ai.mit.edu  shag@glia.biostr.washington.edu
shag@nyx.cs.du.edu  shag@shadowfax.cs.utk.edu
-- 
-------------------
Shag is. Nuff said.
-------------------