Path: utzoo!utgpu!attcan!uunet!seismo!sundc!pitstop!sun!amdcad!ames!ucsd!rutgers!apple!epimass!jbuck
From: jbuck@epimass.EPI.COM (Joe Buck)
Newsgroups: comp.mail.uucp
Subject: Re: problems with att multiple-machine approach?
Message-ID: <2519@epimass.EPI.COM>
Date: 4 Oct 88 18:46:05 GMT
References: <1988Sep23.105347.652@lsuc.uucp> <2300@att.ATT.COM> <1988Sep29.210829.29073@lsuc.uucp> <1988Oct3.115720.2175@ateng.ateng.com>
Reply-To: jbuck@epimass.EPI.COM (Joe Buck)
Organization: Entropic Processing, Inc., Cupertino, CA
Lines: 21

David Sherman:
>>Uh, yeah.  Not to get snarky or anything, but many years ago
>>someone came up with this wonderful idea called a PASSWORD.
>>Just give each machine its own login.
Chip Salzenberg:
>...which solves nothing.  If I (ateng) have a UUCP login on att, then I
>can change my nodename to uunet and then use the 'ateng' login.  Presto,
>I've logged in successfully and picked up uunet's mail.

Not if att is ran HDB uucp, assigned a different account and password
to each neighbor, and used the VALIDATE keyword in their Permissions
file.  If Permissions is set up correctly, then the only way for att
to believe that you are uunet is to log in with uunet's password.  I'm
told that the 4.3 UUCP has similar features.  We can make the UUCP
network a lot more secure than it is now with very little work, and
major mail hubs should especially concentrate on this.

-- 
- Joe Buck, card-carrying ACLU liberal
	jbuck@epimass.epi.com, or uunet!epimass.epi.com!jbuck,
	or jbuck%epimass.epi.com@uunet.uu.net for old Arpa sites