Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!usc!snorkelwacker.mit.edu!bloom-beacon!eru!hagbard!sunic!mcsun!ukc!slxsys!olgb1!olapw
From: olapw@olgb1.oliv.co.uk (Tony Walton)
Newsgroups: comp.admin.policy
Subject: Re: Student suspended for distributing /etc/passwd
Message-ID: <8@olgb1.oliv.co.uk>
Date: 16 Jun 91 01:33:12 GMT
References: <31124@hydra.gatech.EDU> <1991Jun12.112633.14888@rulway.LeidenUniv.nl> <13457@mentor.cc.purdue.edu>
Reply-To: twalton@attmail.com
Organization: Olivetti Systems & Networks Ltd, U.K.
Lines: 19


IMHO either

1) the student knew that /etc/passwd was a security risk, so should have been
   suspended

or

2) didn't know enough about the system to know what they were doing, so should
   at least have had their system access blocked.  Having been given access
   the assumption IMHO was that they should have known what they were doing,
   so see 1).


as others in this thread have said, of course, /etc/shadow would have removed
the problem before it became a problem
-- 
Think of salad days, they were folly and fun,
they were good, they were young