[comp.os.misc] What does NeXT do about security?

mbkennel@phoenix.Princeton.EDU (Matthew B. Kennel) (10/17/88)

If the optical disks on the Next machine are removable and writable,
then presumably the user of such a machine can write to his disk and
basically give himself root privileges.

In that case, in a networked environment, he can pretend to be any other
user.  How does a mail server, for example, know that a specific userid
is actually logged on to some node, or if it's some hacker masquerading
as the user?  Encryption/decryption of all files?  Same goes for
remotely mounted volumes.

I'm sure this problem has been looked at before, but the Next computer seems
like it will be the first time that this will be a prevalent problem.

Most Sun or Apollo clusters generally run diskless, or at least with some
central userid clearing house.  But apparently Jobs wants you to be able
to take your disk with all your work on it to any Next machine you can find:
this is very different from most present workstation clusters, and would
seem to make validation very difficult.


Matt Kennel
mbkennel@phoenix.princeton.edu

crum@lipari.usc.edu (Gary L. Crum) (10/17/88)

In article <4006@phoenix.Princeton.EDU> mbkennel@phoenix.Princeton.EDU (Matthew B. Kennel) writes:
>
>In that case, in a networked environment, he can pretend to be any other
>user.  How does a mail server, for example, know that a specific userid
>is actually logged on to some node, or if it's some hacker masquerading
>as the user?  Encryption/decryption of all files?  Same goes for
>remotely mounted volumes.
>

Even without root privileges, any user of a BSD UNIX machine connected
to the Internet can forge mail, using only the telnet program and knowledge
of SMTP.  I would broadcast instructions for this if I thought it would
cause administrators everywhere to adopt a more sophisticated mail protocol
sooner.

Last year when I lived in Salt Lake City I felt that low security levels
along with advertised policy announcements were sufficient and even best
for academic environments, but after having my orange juice wrongfully
taken and consumed from the USC CS department refrigerator even though I
had labeled it with my name, I am becoming more fascist.

See my article in alt.next for more discussion about the repercussions of
mixing UNIX with personal computing.

Why all the cross-posting?  Funnel discussions about the NeXT computer
to alt.next, please, even if the newsgroup name is not ideal.

Gary

debra@alice.UUCP (Paul De Bra) (10/17/88)

In article <4006@phoenix.Princeton.EDU> mbkennel@phoenix.Princeton.EDU (Matthew B. Kennel) writes:
>If the optical disks on the Next machine are removable and writable,
>then presumably the user of such a machine can write to his disk and
>basically give himself root privileges.
>...
>I'm sure this problem has been looked at before, but the Next computer seems
>like it will be the first time that this will be a prevalent problem.
>
Wrong: the AT, the Mac II, and any other system with removable storage
basically provides the same problems. One can boot these machines from
floppies with g*d knows what (suid) programs on them. Any network that has
workstations with removable media is subject to this problem. Backup
cartridges are not much more secure than floppies either (though writing
a working bootable file system on a tape is usually a little more difficult).

Paul.
-- 
-------------------------------------------------------------------------
|debra@research.att.com   | uunet!research!debra     | att!grumpy!debra |
-------------------------------------------------------------------------
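
A defender's view of the "(suid) programs" on removable media raised in the thread, as an added example that is not part of any of the original posts: it flags removable-media mounts that lack `nosuid`/`nodev` and lists set-id files on a volume. The Linux `/proc/mounts` line format, the `/media/` prefix and all sample paths are assumptions constructed for illustration; it covers media mounted on a running system, not a machine booted from the user's own disk.

```python
import os
import stat
import tempfile

# Constructed sample in /proc/mounts format: device, mountpoint, fstype, options, dump, pass.
SAMPLE_MOUNTS = """\
/dev/sda1 / ext4 rw,relatime 0 0
/dev/sdb1 /media/optical ext4 rw,relatime 0 0
/dev/sdc1 /media/floppy vfat rw,nosuid,nodev,noexec 0 0
"""

def mounts_missing_flags(mounts_text, prefix="/media/", required=("nosuid", "nodev")):
    """Return {mountpoint: [missing options]} for mounts under `prefix` (assumed removable)."""
    findings = {}
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or not fields[1].startswith(prefix):
            continue
        opts = set(fields[3].split(","))
        missing = [flag for flag in required if flag not in opts]
        if missing:
            findings[fields[1]] = missing
    return findings

def find_privileged_files(root):
    """Walk `root`; return sorted (relative path, owner uid, mode string) for set-id regular files."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: never follow a symlink off the volume
            if stat.S_ISREG(st.st_mode) and st.st_mode & (stat.S_ISUID | stat.S_ISGID):
                hits.append((os.path.relpath(path, root), st.st_uid, stat.filemode(st.st_mode)))
    return sorted(hits)

def demo():
    """Build a constructed volume tree holding one setuid file and scan it."""
    with tempfile.TemporaryDirectory() as vol:
        os.mkdir(os.path.join(vol, "bin"))
        for name, mode in (("bin/sh", 0o4755), ("bin/ls", 0o755)):
            path = os.path.join(vol, name)
            open(path, "w").close()
            os.chmod(path, mode)
        return find_privileged_files(vol)

if __name__ == "__main__":
    print(mounts_missing_flags(SAMPLE_MOUNTS))
    print(demo())
```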