krempel@pacrat.npac.syr.edu (Henry B.J. Krempel) (12/04/88)
SunOs 4.0 addresses this issue a bit. It has security features that don't allow root to su to a user and be interpreted as that user on an NFS mount. MIT's Project Athena has an authentication service called Kerberous (sp?) that does a more complete job. I'm not sure whether this system is available yet for the Sun. Both systems insure that the user must type his own password at least once before assuming his identity on the network. Henry B. J. Krempel <krempel@pacrat.npac.syr.edu> Syracuse University 250 Machinery Hall Syracuse, N.Y. 13244
karl@cis.ohio-state.edu (Karl Kleinpaste) (12/15/88)
All the software security features in the world won't stop me from hitting L1-A and twiddling memory from the PROM monitor. Let's see, u.u_uid can be found at location, um, ... --Karl [[ That should also be fixed. Perhaps a mode that disallows the "c" command in the PROM monitor? --wnl ]]
galvin-peter@cs.yale.edu (Peter Baer Galvin) (12/30/88)
I spoke to a Sun rep. He said that there is an alternate EEPROM available from Sun which disables the debugging features found in the default one. Maybe Sun sales knows something about it...I haven't asked (yet). --Peter Peter Baer Galvin (203)432-1254 Senior Systems Programmer, Yale Univ. C.S. galvin-peter@cs.yale.edu 51 Prospect St, P.O.Box 2158, Yale Station ucbvax!decvax!yale!galvin-peter New Haven, Ct 06457 galvin-peter@yalecs.bitnet