Xref: utzoo unix-pc.general:287 comp.sys.att:2394
Path: utzoo!mnetor!uunet!lll-winken!lll-lcc!ames!umd5!umbc3!alex
From: alex@umbc3.UMD.EDU (Alex S. Crain)
Newsgroups: unix-pc.general,comp.sys.att
Subject: Re: Major security problem in the UA: looking for a real fix
Message-ID: <773@umbc3.UMD.EDU>
Date: 5 Feb 88 03:05:03 GMT
References: <1023@woton.UUCP> <2017@bsu-cs.UUCP> <1024@woton.UUCP>
Reply-To: alex@umbc3.UMD.EDU (Alex S. Crain)
Organization: University of Maryland, Baltimore County
Lines: 26
Keywords: UNIX PC, UA, security hole

>Sorry, but I don't consider that argument good enough.  AT&T sold us
>the UNIX PC for use in a multi-user office/research environment, and
>its chief selling point was that it was a personal computer running
>UNIX.  Any machine which runs UNIX should have (at least!) normal UNIX
>security.  If we had wanted the vulnerability to error and abuse of the
>security-free DOS world, we would have bought a DOS machine. 

	The unixpc *does* have unix security. I can break security on my
unixpc just like I can on a vax 11-785 ! (:-)

	My solution to the UA security holes was to remove the UA from the 
system. Windows are too slow over a 1200 baud serial line. (I actually
didn't remove it, just locked it up and left install as a ua driven user. 
When I'm onvinced that I no longer need it (real soon now) it will go away
for good.)

	If this sounds to extream, I will point out that window shells
in general are prone to security problems, the sperry sysV box we had at school
took 20 minutes to break the first time we logged on (we didn't have accounts)
and most of that time was waiting for the screens to set up!

	The best solution to a guest login is rsh, the best solution to a 
problem user is to install their home directory on a floppy disk.
-- 
					:alex.

nerwin!alex@umbc3.umd.edu
alex@umbc3.umd.edu