Date: Thu, 22 Feb 2001 17:12:03 -0600 From: Mike Meyer <mwm@mired.org> To: "Crist J. Clark" <cjclark@reflexnet.net> Cc: questions@freebsd.org Subject: Re: login-MODEM Message-ID: <14997.40131.841034.409696@guru.mired.org> In-Reply-To: <100097486@toto.iv>
next in thread | previous in thread | raw e-mail | index | archive | help
Crist J. Clark <cjclark@reflexnet.net> types: > On Thu, Feb 22, 2001 at 12:59:10AM -0800, Ted Mittelstaedt wrote: > *boggle* > It is pretty much assumed that if a user can get local, he can get > root. [...] > > Rubbish - your making things way hard for yourself. UNIX already has > > excellent security for this - you just need to understand it. > UNIX does not have strong security. It was not originally designed for > security. BSD Unix was developed in an environment where shell accounts were provided to undergrads as a matter of course. Some of the brightest lights in the Unix world went through the UCB CS department, and those systems were exposed to their attacks. Sure, the security model is a minimal one, but it was adequate for that environment. While the nature of the world has changed somewhat, providing shell accounts isn't radically different from any other service. Yes, it means you've added a new set of security risks, but there are ISPs willing to deal with that. About half the ones I've used, for instance. Some of them are run by people who were berkeley undergrads during that era. <mike -- Mike Meyer <mwm@mired.org> http://www.mired.org/home/mwm/ Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?14997.40131.841034.409696>