Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!utgpu!water!watnot!watmath!clyde!rutgers!dayton!ems!mark From: mark@ems.UUCP Newsgroups: comp.unix.wizards Subject: Re: Userid conventions Message-ID: <160@ems.UUCP> Date: Sat, 14-Mar-87 14:27:06 EST Article-I.D.: ems.160 Posted: Sat Mar 14 14:27:06 1987 Date-Received: Sun, 15-Mar-87 04:40:38 EST References: <4933@brl-adm.ARPA> Sender: news@ems.UUCP Reply-To: mark@ems.UUCP (Mark H. Colburn) Organization: EMS/McGraw-Hill, Eden Pairie, MN Lines: 46 Summary: Com'on people... Ok, I have seen a lot of conversations about the security of unix signons lately. It would seem that protecting a signon can be done in two different ways. The first of these is by protecting the password of a given signon. This is the more traditional way to protect a signon. The second way is to attempt to make the signon itself more secure. On a system where the userid is used for so many different things such as mail, there is a problem with attempting to protect the userid. Another consideration here is that even if the signons are protected, there are several signons that are pretty generic on all Unix systems. Uucp, lp, and adm are a few that come to mind. Changing these may break some utilities that have these id's hardcoded. Besides, most of the security related information that I have read has stated that most of the security breaches come from inside the company, not from malicious hackers on the outside. If we assume that this statement is true, then this opens a whole new set of issues. For example, if a person has a signon, how are you going to ensure security. Commands like su begin to look like major problems, especially since you do not need to know a user id in the first place. If you want a secure system you will need to go to more dramatic extremes than using obfusticating user id's. If you want to protect the system from the outside, don't put modems on your machine. This will gaurentee that outside people will not call in and gain access your machine. If you cannot do this, granted it is extreme, go to a call back scheme. This can be circumvented using call forwarding these days, but once again, this requires that someone that is allowed to call in has allowed a phone to be forwarded. Granted system security is a problem, but making the system harder to use is not a good security practice. This will cause frustration from your users and will actually promote LESS security, not more. -- Mark H. Colburn mark@ems.uucp EMS/McGraw-Hill {rutgers|amdahl|ihnp4}!{dayton|meccts}!ems!mark 9855 West 78th Street Eden Prairie, MN 55344 (612) 829-8200 x235