Path: utzoo!mnetor!uunet!husc6!bbn!uwmcsd1!ig!jade!ucbvax!VENUS.YCC.YALE.EDU!LEICHTER
From: LEICHTER@VENUS.YCC.YALE.EDU ("Jerry Leichter ", LEICHTER-JERRY@CS.YALE.EDU)
Newsgroups: comp.os.vms
Subject: RE:  You don't have to have NETMBX
Message-ID: <8801141026.AA16673@ucbvax.Berkeley.EDU>
Date: 13 Jan 88 15:33:00 GMT
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The ARPA Internet
Lines: 26


	The great NETMBX debate seems to have surfaced. Our users don't have
	NETMBX and they seem happy enough (assuming you ignore all the
	complaints). Ok - so you have to do a lot of installs at system
	startup but this is no big deal if you think about it. I append a copy
	of the file we run to install images from SYSTARTUP a lot of which are
	done to sort out network problems.  From memory, when we set all this
	up there were one or two little things that use user could not do, but
	then they were things we did not want done anyway.

	[The command file that follows installs such things as DIRECTORY,
	COPY, and TYPE with NETMBX.]

Yes, all this will work - but just what is it you think you are gaining?  If
you have left your TASK object enabled, I can already execute any code I want
remotely with COPY, though perhaps not as conveniently.  If you have disabled
the TASK object, about all you've managed to do is prevent some minor spoofing
games that can be played with MAIL and PHONE.  I wouldn't bet on MAIL being
secure anyway, and if PHONE hacking is a problem, it's really easy to track
down the hackers by checking NETSERVER.LOG files.

On the other hand, you've made it impossible to develop or use all sorts of
useful network programs.  As a simple example of the usefulness of transparent
network access, I run a DVI file displayer that reads its fonts from a remote
directory using DECnet.
							-- Jerry