Xref: utzoo sci.crypt:1436 comp.unix.wizards:13751 news.sysadmin:2018
Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!rutgers!uwvax!dave@cs.wisc.edu
From: dave@cs.wisc.edu (Dave Cohrs)
Newsgroups: sci.crypt,comp.unix.wizards,news.sysadmin
Subject: Re: Yet Another useful paper
Message-ID: <6943@spool.cs.wisc.edu>
Date: 29 Dec 88 19:29:06 GMT
References: <11013@ulysses.homer.nj.att.com> <2308@cuuxb.ATT.COM> <12750@bellcore.bellcore.com> <1988Dec26.151208.19016@ziebmef.uucp> <13022@bellcore.bellcore.com> <276@gloom.UUCP>
Sender: news@spool.cs.wisc.edu
Reply-To: dave@cs.wisc.edu (Dave Cohrs)
Organization: U of Wisconsin CS Dept
Lines: 34

In article <276@gloom.UUCP> cory@gloom.UUCP (Cory Kempf) writes:
>Let's see if I have this right... you are going to allow the
>workstation that is sitting on my desk to convince another system that
>I am me, right?
>
>This workstation that I can bring down if I want, and bring back up in
>single user mode?  With me in the playing the part of root?  

There are types of networking hardware that make it much easier
to detect when your workstation is rebooted (or whatever).  Don't assume
that all the world's an Ethernet.

Also, if I read Phil correctly, he's talking about having you, the
user, authenticate the workstation as *yours*.  That is, you have to
go though some authentication protocol, giving your password, which
would give your workstation some cookie that said "this workstation
belongs to cory", and that this cookie could be verified to be
authentic in some way without you, the user, doing anything more.
Supposedly, if you hadn't authenticated yourself using the standard,
approved of procedure, you wouldn't be able to make a valid cookie
yourself, and no other computer would believe your workstation's lie.

If being root on your workstation can spoof the authentication
mechanism, then it's pretty useless in the grand scheme of things.
Yes, rlogin is too trusting.

Placing your UID in a magical location in every packet your
workstation sends out, or some other equally naive mechanism (the kind
that you appear to be assuming), is not quite up to the level of
security that Phil seems to be talking about.
--
Dave Cohrs
+1 608 262-6617                        UW-Madison Computer Sciences Department
dave@cs.wisc.edu                       ...!{harvard,rutgers,ucbvax}!uwvax!dave