Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!sun-barr!olivea!samsung!sdd.hp.com!uakari.primate.wisc.edu!aplcen!boingo.med.jhu.edu!haven.umd.edu!uvaarpa!murdoch!astsun7.astro.Virginia.EDU!gl8f From: gl8f@astsun7.astro.Virginia.EDU (Greg Lindahl) Newsgroups: comp.org.eff.talk Subject: Re: Student suspended for distributing /etc/passwd Message-ID: <1991Jun21.210556.24756@murdoch.acc.Virginia.EDU> Date: 21 Jun 91 21:05:56 GMT References: <8589@awdprime.UUCP> <8670@awdprime.UUCP> Sender: usenet@murdoch.acc.Virginia.EDU Organization: Department of Astronomy, University of Virginia Lines: 26 In article <8670@awdprime.UUCP> mbrown@testsys.austin.ibm.com (Mark Brown) writes: >I see no reason why I, Sam Harried-Administrator with 2000 users on 25 >systems, should have to investigate the intent of every user who >trips one of my security alarms. Sorry, I guess I wasn't clear. I was saying that users should only be prohibited from doing security checks with evil intent. I don't bother to investigate anyone's intent; my system is secure against the holes that COPS checks for. >I just think it's common courtesy to ask permission first, since I'm >responsible for the system you are "testing" (perhaps with a program >more destructive - witness the Morris case). Which means you think it's OK to say "no" ? >And, since [here comes the flame-bait] student users in general tend to be >more inquisitive and less respectful of the system [flame bait over] >[CAVEAT- I use my own student experience as an example] I would >*require* permission in a University environment. Uhuh. Right. I'm glad you don't work for a university. Btw, I'm a student as well as a system administrator.