Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!mailrus!caen.engin.umich.edu!hobbes From: hobbes@caen.engin.umich.edu (Steven J Mattson) Newsgroups: comp.sys.next Subject: Re: Security and defaults. Message-ID: <43bab2f1.19ac2@wasp.engin.umich.edu> Date: 9 Jun 89 15:30:00 GMT References: <51542@tut.cis.ohio-state.edu> Organization: U of M Engineering, Ann Arbor, Mich. Lines: 28 From article <51542@tut.cis.ohio-state.edu>, by jgreely@lisa.cis.ohio-state.edu (J Greely): > [Lots of helpful info, punctuated with cigarette smoke.] While I may have oversimplified some of the problems with the machine in my last message, I think jgreely's response serves to prove my point. There's been a lot of vapor vented in this group over things that could be just simply stated and discussed. Jgreely did just that, and people who aren't system administrators probably learned more about how to protect things in that one message than previously ever in comp.sys.next. Go read it again. I agree with him that we're probably not going to protect a lab machine completely from the determined hacker but as long as people don't do anything foolish like trust lab machines then big deal. If you're good enough you can do anything you want to any machine you can get physical access to, period. But still, the machine isn't supposed to be "Unix knowledge required" in a standalone setting. While a good number of the people here are system administrators and do know what's going on, Joe Prof. doesn't. As a support person I'd rather have to only reconfigure those machines that Profs want to the network than have to preconfigure everything into every machine and explain to him what doesn't work the way his documentation says it should for options he doesn't even want. If he wants our services, then it's our job to make things as painless as possible for him so that he can get on with his work. -Steve Mattson Computer Aided Engineering Network ANYONE can edit University of Michigan a text file to hobbes@caen.engin.umich.edu his own advantage.