Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!uwm.edu!linac!mp.cs.niu.edu!rickert From: rickert@mp.cs.niu.edu (Neil Rickert) Newsgroups: comp.unix.admin Subject: Re: Advice, opinions, and ideas sought. Keywords: Keywords? I don't need no stinkin' keywords! Message-ID: <1991Jun26.120235.27892@mp.cs.niu.edu> Date: 26 Jun 91 12:02:35 GMT References: <1991Jun26.055943.26481@usenet.ins.cwru.edu> Organization: Northern Illinois University Lines: 30 In article <1991Jun26.055943.26481@usenet.ins.cwru.edu> mike@snowhite.EEAP.CWRU.Edu (Mike Sidman) writes: > >The first deals with the distribution of accounts. I am wondering >if any of you have a policy for giving out accounts on a departmental >UNIX machine. For example, if a student says he/she wants an account, >what is an exceptable explanation for their request? Also, what type Originally this was handled on an ad hoc basis. It worked well. Then we were connected to Internet, and the ad hoc approach broke down. As a result an acceptable explanation consists of a request from the department chairman. A requester, whether student or faculty from another department, is advised to request access in writing to the dept chair. >The second deals with security. How would you monitor or approach >person "A" if a different person (person "B" - friend, curious quasi- >hacker, etc.) is utilizing person "A"'s account? If person "A" complains, the password is changed. If person "A" does not complain, it is assumed that person "B" has been authorized by person "A", and it is moreover assumed that person "A" accepts full responsibility for any abuses that may be carried out by person "B" while using this account. Unless you want to pull the plug on all modems, and have a heavy guarding the door and checking photo IDs, any more restrictive policy quickly becomes unworkable. -- =*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*= Neil W. Rickert, Computer Science Northern Illinois Univ. DeKalb, IL 60115 +1-815-753-6940