Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!watmath!clyde!caip!rutgers!husc6!mit-eddie!genrad!decvax!ucbvax!jade!eris!mwm From: mwm@eris.berkeley.edu (Mike (Don't have strength to leave) Meyer) Newsgroups: net.unix Subject: Re: Looking through other users' (unprotected) files Message-ID: <1501@jade.BERKELEY.EDU> Date: Thu, 23-Oct-86 03:28:21 EDT Article-I.D.: jade.1501 Posted: Thu Oct 23 03:28:21 1986 Date-Received: Fri, 24-Oct-86 08:17:16 EDT References: <1246@kitty.UUCP> <141@rayssd.UUCP> <2433@phri.UUCP> Sender: usenet@jade.BERKELEY.EDU Reply-To: mwm@eris.UUCP (Mike (Don't have strength to leave) Meyer) Organization: Missionaria Phonibalonica Lines: 66 In article <2849@rsch.WISC.EDU> mcvoy@rsch.WISC.EDU (Lawrence W. McVoy) writes: >In article <3561@mit-eddie.MIT.EDU> jbs@mit-eddie.UUCP (Jeff Siegal) writes: >>Does someone's home being unlocked give you the right to violate it >>without permission? Does someone's desk being unlocked, or in an >>unlocked office give you the right to look through it? Does someone's >>files being in a world-readable directory, or set world-readable give >>you the right to read them. I think not. > >>Jeff Siegal > >Well, Jeff, you are 100% wrong here. The analogy between a home and a >computer is not in any way shape or form a valid one. Unless that disk >that is spinning around belongs to you personally, you can't tell me >which bytes I can and cannot look at by suggesting that it is immoral >for me to look at bytes without my name on them. You have been given >a means by which you may deny me access. If you choose not use this >mechanism, then you have given me implicit permission to look at your >files. No, it's perfectly valid. Unless you own the disk, you have no right to assume that you can look at anything that DOESN'T have your name on it. Let's look at YOUR version of the analogy, and see how it works in the real world. > If you insist on a real world analogy, try this: it's as if >someone said, "Here, use my house. There are other people that I let >use my house, so here are some keys. Use them to lock up your stuff. >If you don't, anyone else can play with your stuff, just as you may >play with anything you find." See the difference? It's not *your* >house, it's everyones' house. Would you rent an apartment under those conditions? I damned well wouldn't. Would you get upset if you left your door unlocked while you left for a short time, and came back and found your neighbors rummaging around in your apartment? How about your landlord? Most people would, and that's because the defaults for the real world are that your home & property are private, unless you give permission for others to play with them. If the conditions differ from the default, then this should be stated FROM THE START. I hope you see the problem with your analogy - you want to make the default conditions different from the real world, and assume that you don't have to tell people that this is so. And note that this still isn't *my* house, someone else owns the building. And it isn't "everybody," either. The same applies to a computer - someone owns the thing, and chances are that it isn't "the users." Like a landlord, if you run the system, you can use whatever rules you like. But if the defaults are different from the real world, the onus is on YOU to make sure that users know it. If the rules are "anybody can read anything," then that's fine - so long as you tell the users. Likewise, if the rules are "reading files you don't own without permission is a criminal act," this is also fine. And since that's the way the real world works, that's the correct default. [Of course, you should still tell people that there may be users with defective ethical systems, and that NOTHING is save from being read by others. Like the quote that started this - if you leave the door unlocked and someone rummages around in your home, you don't have much room to complain. But the rummagers actions are still illegal and unethical.]