Re: "Small" Bug - silly question again

To: Andreas Rottmann <a.rottmann@gmx.at>
Cc: debian-hurd@lists.debian.org
Subject: Re: "Small" Bug - silly question again
From: da Bobstopper <rmarlow@tartarus.uwa.edu.au>
Date: Mon, 20 Mar 2000 23:45:37 +0800 (WST)
Message-id: <[🔎] 200003201545.XAA01634@zuul.bobturf>
In-reply-to: <[🔎] 87vh2hsmds.fsf@alice.f7.ph4.lan> from Andreas Rottmann at "Mar 20, 2000 04:15:59 pm"

> "Alan P. Laudicina" <alanp@linux.com> writes:
> 
> > On Thu, 16 Mar 2000, Marcus Brinkmann wrote:
> > > You are desperately in need for a shell, to read your email (via IMAP),
> > > browse the net, check a domain name, or whatever. A machine is nearby
> > > running the Hurd.
> > > 
> > > You go to the machine and use it.
> > > 
> > 
> > I started this thread and here is where I comment again.  I see your above
> > example and think of one of my own.  A "script kiddy" gets ahold of a list
> > of usernames and passwords of a machine at fakedomain.com.  He is at the
> > local university and needs a shell to telnet to the machine and use the
> > illegally obtained login and passwords.  A machine running The HURD is
> > nearby...
> > 
> This "script kiddie" will find his/her shell anywhere, even if there
> is no HURD nearby...
> 
Why make it easier???

It seems this whole argument comes down to the argument "So what? if we supply
the login shell or not malicious users are still gonna find a way to be 
malicious". But why make it easy for them? I think we should make it as hard
as possible for script kiddies to do such things to discourage it.

from

da Bobstopper

Reply to:

Follow-Ups:
- Re: "Small" Bug - silly question again
  - From: Roland McGrath <frob@debian.org>

References:
- Re: "Small" Bug - silly question again
  - From: Andreas Rottmann <a.rottmann@gmx.at>

Prev by Date: Re: cross compilation tool versions
Next by Date: Re: "Small" Bug - silly question again
Previous by thread: Re: "Small" Bug - silly question again
Next by thread: Re: "Small" Bug - silly question again
Index(es):
- Date
- Thread