Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!utgpu!water!watmath!clyde!burl!codas!mtune!quincy!lenny
From: lenny@quincy.UUCP
Newsgroups: unix-pc.general,comp.sys.att
Subject: Re: Irresponsibility (Was: Security problem on UNIX PC's)
Message-ID: <55@quincy.UUCP>
Date: Sun, 27-Sep-87 15:20:07 EDT
Article-I.D.: quincy.55
Posted: Sun Sep 27 15:20:07 1987
Date-Received: Tue, 29-Sep-87 00:54:41 EDT
References: <54@quincy.UUCP> <149@manta.UUCP>
Organization: American LP Systems, Inc., Islandia, NY
Lines: 48
Keywords: security, root, problem, unix-pc
Xref: utgpu junk:5875 comp.sys.att:1153

In article <149@manta.UUCP>, brant@manta.UUCP (Brant Cheikes) writes:
>
> The Unix PC system was clearly designed for use in "non-hostile"
> environments, where the few security problems that exist (and there
> are others) are not important. [...]

Almost any environment given the correct circumstances can be "hostile."
I wouldn't call displaying your Applications package at a show hostile, but
given the person with the know-how...

> However, there may be people on the net using these machines in
> environments where security is important, thus we are responsible for
> not putting those users in jeopardy. As a result, it's irresponsible
> to post articles giving exact directions for violating system security.

Brant, I was *NOT* giving the people the "DIRECTIONS" for HACKING a
machine; on the contrary, I was trying to help those people who are not
experienced Administrators (especially those who took advantage of the
"fire-sale" on 3B1's and know little about their hardware/software) to
PROTECT their machine from possible illicit entry. Each and every "flaw"
I detailed can be easily protected against with good administration. There
are others that I know of that are a little more difficult, but nothing is
IMPOSSIBLE.

> Even if you're not personally affected, that doesn't give you the
> right to post (or encourage others to post) how-to's on system cracking.
> Your one thoughtless posting certainly did far more damage than good.

Those people (me INCLUDED) that leave their machines connected to PHONE
lines and are using Usenet HAVE TO BE AWARE of the possibility of problems,
and ways to AVOID them. I wasn't "THOUGHTLESS" just CONCERNED! I would
like to put my system up as a BBS someday (but I'm afraid of giving anyone
SHELL-ACCESS)... The only way to make a totally secure (?) UNIX is do what
Gould did ... make a filesystem (or directory) and chroot to it and only
put what is necessary to SURVIVE without super-user privilege.

Again, Brant, I'm sorry if I upset you? But I have had very good response
(mail-wise) from people who saw my article and thanked me for enlightening
them! I'm sorry you weren't one of them.

Lenny Tropiano
ICUS Administrator
...quincy!icus!lenny

--
Lenny Tropiano                  ...seismo!uunet!swlabs!godfre!quincy!lenny -or-
American LP Systems, Inc.       ...cmcl2!phri!gor!helm!quincy!lenny -or-
1777-18 Veterans Memorial Hwy.  ...mtune!quincy!lenny -or
Islandia, New York 11722        +1 516-582-5525 ...ihnp4!icus!quincy!lenny