Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10 5/3/83; site oliveb.UUCP
Path: utzoo!watmath!clyde!burl!ulysses!harpo!seismo!hao!hplabs!oliveb!jerry
From: jerry@oliveb.UUCP (Jerry Aguirre)
Newsgroups: net.unix-wizards
Subject: Re: Auto-logoff facility in Unix
Message-ID: <334@oliveb.UUCP>
Date: Sun, 29-Apr-84 17:02:04 EDT
Article-I.D.: oliveb.334
Posted: Sun Apr 29 17:02:04 1984
Date-Received: Tue, 1-May-84 07:17:07 EDT
References: hcrvax.379 <1744@iedl02.UUCP>
Organization: Olivetti ATC, Cupertino, Ca
Lines: 27

The people responding the request for an auto-logout facility seem to
see it as an attempt to reduce load to the system or make terminals
available.  I see it as a security issue.  It is not uncommon for
users to leave their terminals logged on for the entire weekend.
Any one with physical access to their terminal can override their
security.  Just ask yourself if there is anyone who is mean or
stupid enough to do a rm -rf ~/. on your terminal.  All the recent
discussion about the password algorithm and picking difficult
passwords is worthless if the penetrator can just wait for someone
to go to lunch and then use his terminal.

And before someone complains about the user getting what he deserves,
remember that it is the Unix support group who has to restore his
files!  The user gets the morning off and a good excuse for having his
project late.  Unix gets a reputation for loosing files or having poor
security.

I have heard from several sources this idea of idle users loading
the system.  As I understand it the user is tying up a process slot
and some swap space.  If the user wasn't using the process slot
there would be a getty running in it.  It seems to me that the
overhead for logging out and back in is greater than any savings.
Is this idle user loading bunk or is there a legitimate reason
(besides security) for logging off between sessions?

					    Jerry Aguirre
    {hplabs|fortune|ios|tolerant|allegra|tymix}!oliveb!jerry