Re: Does Security matter at all?
On Tue, Jul 04, 2000 at 11:51:16PM -0400, Thomas Bushnell, BSG wrote:
> At MIT, we took the approach long ago that physical access was enough
> to give total power over the machine.
>
> So we built a network infrastructure of services that assumed that
> users in clusters had root, we published the root password (orignally
> it was published in the papers that described the Athena system), and
> we set the users free.
Of course, that makes a big difference in how many of your users use the
computers. Given the root password, I wouldn't hesitate to run, say,
apt-get install gnat on any computer I needed to, whereas I probably
wouldn't do that on a system that I merely had access to, even knowing
of trivially simple exploits. Even if it doesn't make a difference in
what a malicious user can or will do, it makes a lot of difference for
an honest user.
--
David Starner - dstarner98@aasaa.ofe.org
http/ftp: x8b4e53cd.dhcp.okstate.edu
"A dynamic character with an ability to survive certain death and
a questionable death scene leaving no corpse? Face it, we'll never
see her again." - Sluggy Freelance
Reply to: