lmc@denelvx.UUCP (Lyle McElhaney) (01/05/85)
State of the list: Security mail list about to start. Around the first of December I proposed a mail list to exchange wizdom and folklore about the art of keeping secure UNIX systems. The results have been somewhat gratifying. So far, about 120 wizards (and one or two of the fairer variety) have asked to join the list. The discussion concerning how much security the list itself should maintain has been, likewise, interesting. With few exceptions, most the the respondents have opted for no formal security of the list contents themselves (ie, no encryption of the mail). The only unique feature of this list is that I am requesting verification of each requestor from the root user of his machine, or the upstream feed if I can't identify the machine itself. This, of course, is not in itself foolproof, but it has seemed to work. Additionally, I will be sending out a membership list with the first mailing (some time this weekend). I posted (in net.news.sa, highly recommended as regular fare for system admins) a list of those systems through which mail would be spreading from this site to the list requestors, along with an admonition that if any sa felt threatened with this mail passing through the site he was to let me know. As of this point, I have received no complaints. I take it that everyone feels that their uucp files are secure, or just plain don't care (or don't read net.news.sa). In any case, s'be't. If anyone who wanted on the list has not heard from me, pull my chain again. We have had some problems with some of our uucp links; I think everything is now back in order. Membership, administrativia: ...(hao, ihnp4, allegra, csu-cs, nbires, brl-bmd) !denelcor!sec-request material for the list proper: ...denelcor!security flames (sorted by weight after combustion is complete): ...denelcor!lmc Lyle McElhaney