Path: utzoo!attcan!uunet!husc6!rutgers!att!ulysses!andante!alice!debra
From: debra@alice.UUCP (Paul De Bra)
Newsgroups: news.sysadmin
Subject: Re: Privacy of computer files...
Message-ID: <8431@alice.UUCP>
Date: 15 Nov 88 20:00:58 GMT
References: <183@gloom.UUCP> <1988Nov11.180920.21736@utzoo.uucp> <4746@bsu-cs.UUCP> <935@sword.bellcore.com> <936@sword.bellcore.com>
Reply-To: debra@alice.UUCP ()
Organization: AT&T, Bell Labs
Lines: 34

In article <936@sword.bellcore.com> yba@sabre.bellcore.com (Mark Levine) writes:
>[Thanks James]
>
>I received a reply which rings true, that the law I was thinking of is
>the Federal Computer Privacy Act of 1986.  The writer suggested it allows
>an admin to look at failing mail "as necessary" (but also said he needs to
>read it some more).  Still not sure what is says about the larger question
>(outside mail) -- I would ask anyone with access to the text of the Act to
>post the significant parts.  If I can find our legal department, I intend
>to ask them for guidelines.
>
I don't know to much about legal issues, but it seems odd to me that it
would be illegal to read files that have "r" permission for everyone.

I always assumed that everyone with an account on a system was entitled to
read all the files with "r" permission for everyone. By the same logic it
is not appropriate for root to read files that are not readable to ordinarry
users.

I can't imagine that anyone would feel that the file permissions don't mean
anything and that we are not supposed to look at files even if we have the
file-permission to do so.

Now there are some generally agreed upon exceptions like uucp and mail,
which are accidently world-readable on many machines, due to what i would
call bugs in the way mail and uucp handle permissions. Some versions of
these programs already do it "right".

Paul.

-- 
------------------------------------------------------
|debra@research.att.com   | uunet!research!debra     |
------------------------------------------------------