Re: sysadmin won't allow linux - PLEASE HELP
You have gotten a lot of responses, mostly addressing technical
aspects and implying a scorn for an admin who doesn't want linux
on his already hetero network.
On Wed, 11 Jul 2001, Brian Stults wrote:
> Hello,
>
> In the fall, I will be starting a new position as Professor of Sociology
> at the University of Florida. When I interviewed, one of my
> requirements was that I be allowed to run linux on my office computer.
> They said it would not be a problem. However, now that I have signed
> the contract and am soon to arrive, they have attached some conditions.
> The most serious condition is that I must sign a document stating that I
> am financially responsible for any cost incurred by the University if
> someone hacks into my computer and causes damage to their network.
> Although I have philosphical objections to this kind of policey, I am
> willing to sign this if that is what it takes because I am quite
> confident about my knowledge of security issues.
Only a fool or a security contractor would say such a contract or
amendment thereto. You are going to be financially responsible for
the possible actions of millions of possibly malicious people.
Ludricious, but likely binding if you sign.
Most likely you have nothing in writing assuring your use of
linux or even of a computer, this leaves you in a weak position
if noone recalls your requirement.
Don't sign and if they wish to fire you get a lawyer.
Someone who runs a network of over 2000 machines is not
clueless, just too busy to keep up with all the changes
in yet another OS, and realizes the possible problems
of not doing so.
The auto updating of debian is not something that will
endear debian to a SA, this means an changing target
coming from some where out there. I wouldn't stress
this.
> Anyway, here is the reason for this call for help. Tomorrow, I must
> talk on the phone with the sysadmin of the College of Liberal Arts and
> Sciences and explain two things: 1) they want to know why I need linux
> instead of using their unix system and having MS Windows on the desktop;
> and 2) they want to know that I am conscious of security issues. If
> anyone has any suggestions for the kinds of things to stress, I would be
> happy to hear them. I plan on emphasizing the fact that I disable most
> services in inetd. The only servers I run are an ssh server and an ftp
> server. I do not allow anonymous ftp, and I tunnel all my ftp transfers
> through ssh. I am the only person with an account on my box. I will
> also emphasize the fact that security updates are available on a daily
> basis through debian's dpkg system.
>
> Here is one concern of theirs, though, that I don't understand. They
> said one problem with linux is that it will trick their network into
> thinking that my linux box is the main server, thus bringing down a
> system of over 2000 users. I cannot imagine how this would happen. The
> only thing I can think of is the issue of the master browser in samba.
> If it is "elected", I suppose my machine could force itself to be the
> server. I don't know enough about samba, though, to know if this is
> possible. However, if I don't run a samba server, it wouldn't be a
> problem, right? Can anyone else think of why this might happen?
I would not worry about this too much, this sounds a little twisted
by being second hand.
Since they have Unix up, they should have a good handle on the
proper setup of a linux box, though not all of the tools names,
etc. Perhaps you can be a test case, they help configure and
attack your box, and of course back it up.
Be friendly, helpful, insistent on your need, adamant about
your right (via assurances at hire).
Don't sign.
rob Live the dream.
Reply to: