Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!ll-xn!mit-eddie!mit-trillian!yba
From: yba@mit-trillian.MIT.EDU (Mark H Levine)
Newsgroups: net.unix
Subject: Re: Looking through other users' (unprotected) files
Message-ID: <1317@mit-trillian.MIT.EDU>
Date: Wed, 22-Oct-86 13:00:42 EDT
Article-I.D.: mit-tril.1317
Posted: Wed Oct 22 13:00:42 1986
Date-Received: Wed, 22-Oct-86 23:16:09 EDT
References: <1246@kitty.UUCP> <141@rayssd.UUCP> <2433@phri.UUCP>
Reply-To: yba@mit-athena.UUCP (Mark H Levine)
Organization: MIT Project Athena
Lines: 38

In article <1759@tektools.UUCP> jerryp@tektools.UUCP (Jerry Peek) writes:
>In article <810@aimmi.UUCP> gilbert@aimmi.UUCP (Gilbert Cockton) writes:
>The first things a new user should be taught include:
>	- how to use "chmod" to make a "personal" (safe) directory and
>	- how to use "chmod" to protect an individual file.
>Not using "chmod", then screaming about someone reading your files, is like
>not locking your house and complaining when a burglar walks in.

That seems a bit strong. 

At  our place, there is a Committee on Privacy that worries about
such things.  Their major concern was that we could not teach our
four or  five  thousand  novices  about  chmod  BEFORE  they  had
casually  created private files which others would then browse --
in other words: were users giving informed consent or just  using
a defualt of "friendly" which novices (the reasonable man?) would
not  expect?  (Imagine you stayed at a hotel where the door locks
only worked if you called the desk to have them turned on --  the
normal  expectation is that the door locks when you close it, and
only you and the maid can get in; only a UNIX hotel  is  open  to
visitors at all hours). 

The  compromise we use is to start new users off with a directory
mode of 0711  (allows  file  references  IF  they  gave  you  the
pathname),  and  a umask which only allows the user access.  This
puts the burden on a user to learn how to share his files  rather
than to learn how to protect them.  While it runs contrary to the
UNIX  tradition,  it  is  probably  a  good  compromise  for  the
uninitiated.

There seems to be more potential for damage  in  having  people's
private data made public accidentally than in putting a stumbling
block  in  the  way  of sharing data intentionally.  We also tell
users loudly the system is not secure, and they should  not  have
any sensitive data on a UNIX machine with a network connection.

-- 
Eleazor bar Shimon, Carolingia