Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!henry From: henry@utzoo.UUCP (Henry Spencer) Newsgroups: net.text,net.unix Subject: Re: Use of ``vi'' for business office word-processing Message-ID: <7193@utzoo.UUCP> Date: Mon, 6-Oct-86 15:26:17 EDT Article-I.D.: utzoo.7193 Posted: Mon Oct 6 15:26:17 1986 Date-Received: Mon, 6-Oct-86 15:26:17 EDT References: <1246@kitty.UUCP> Organization: U of Toronto Zoology Lines: 34 > Most of the examples you cite (locked drawers, hairpins in locks) concern > concerted and deliberiate attempts to breach security. My original article > was more concerned with the casual snoop. The average UNIX system is more > likely to have casual pokers-around and security-testers then most OA systems. If you don't have casual pokers-around and security-testers wandering around your office, I see no reason why you should let them onto your office Unix. The average Unix system -- where "average" is defined in terms of the numbers of systems in the field -- is a small-business system with no dialups, no public terminals, and most certainly no undergraduate-student accounts. Actually, even on a "classical" Unix system, in a university environment with student access, casual snoopers can be fended off quite effectively by tactics like restrictive umask settings. Defending against serious crackers in such an environment does indeed require a lot of work. > Many perceive a big difference between looking in the corners of a file > system and snooping through someone else's desk. They're the ones I was > writing about. There is somewhat less of a difference between having to break security to read a file and having to pick a lock to go through a desk, however. Agreed that many people feel uninhibited about inspecting files whose owner has made no effort to protect them, but this is more of a question of educating the owners: they need to realize (or have it realized for them, by the person who sets up the accounts and decides on the umask setting) that the system as a whole is a *public* environment, like a building corridor, and some effort must be made to protect files if they are not to be exposed to one and all. If the users aren't aware of this and the person who set up the system hasn't done anything about it, somebody is guilty of seriously unprofessional negligence. -- Henry Spencer @ U of Toronto Zoology {allegra,ihnp4,decvax,pyramid}!utzoo!henry