Xref: utzoo comp.unix.questions:5783 comp.unix.wizards:6672 news.sysadmin:571
Path: utzoo!mnetor!uunet!lll-winken!lll-lcc!pyramid!csg
From: csg@pyramid.pyramid.com (Carl S. Gutekunst)
Newsgroups: comp.unix.questions,comp.unix.wizards,news.sysadmin
Subject: Re: Usenet Security
Message-ID: <15477@pyramid.pyramid.com>
Date: 24 Feb 88 23:39:18 GMT
References: <893@ima.ISC.COM>
Reply-To: csg@pyramid.UUCP (Carl S. Gutekunst)
Organization: Pyramid Technology Corp., Mountain View, CA
Lines: 19
Keywords: usenet uucp security access intruders

Bravo, Andy! Concise, complete, and correct. Just some comments:

In article <893@ima.ISC.COM> trb@ima.UUCP (Andrew Tannenbaum) writes:
>Actually, I think ", /" doesn't work in most older uucp's, you have to put
>the line in twice because of weird parsing problems with null USERFILE
>descriptors.

Correct. That problem was finally fixed in Tom Truscott's late 4.2BSD version,
and is still present in many BSD-based systems, including Sun. For more info,
see the 4.3BSD USERFILE(5) man page.

>The Permissions file has been one of the major selling points for BNU uucp.

The security features of BNU/HDB are *THE* selling point, in my opinion. The
4.3BSD UUCP is nearly the equal of HDB in many repects, and the newest version
will be superior in many. But when it comes to security, HDB reigns surpreme
and will for the forseeable future. Any site that plans to use UUCP and wants
to be secure should be running HDB. 

<csg>