db@argon.Eng.Sun.COM (David Brownell) (06/14/91)
Michael Covington writes: > -- My point is extremely simple: honest people don't even TRY to > break into other people's accounts or obtain passwords without > authorization. Security holes or not! Running COPS need have nothing to do with breaking into accounts. Honest people don't have to be stupid -- they will often recognize that not everyone is trustworthy. If you have access to a computer and want to use it for some moderately sensitive data or procedure, it's common sense for even an honest person to check to see if it's secure enough for the intended purpose. COPS will help do that. Also, even honest people make mistakes. COPS can tell me if I made a mistake and have potentially left my account subject to breakin. (System administrators can run COPS, too -- to see if their systems are as secure as they want them to be. If they don't, they're partly to blame for consequent system breakins; they should be letting their users know that their system is known to have low security. Not that COPS is complete; it ignores NFS security issues, for example.) It'd be nice if it were possible to see whether a password is easily guessed without actually guessing it ... but I can't quite see how that would work. If COPS didn't print out passwords after guessing them, the source could easily be "fixed". Today's solution to that problem is password files! - Dave
db@argon.Eng.Sun.COM (David Brownell) (06/14/91)
My previous note had a bad edit, sorry. Correction: > If COPS didn't print out passwords after guessing > them, the source could easily be "fixed". Today's solution to that > problem is password files! ^^^^^^^^^^^^^^^^^^ That should be: "is shadow password files". This seems to be the root of the whole "debate" here, that one site chose not to use shadow (or "adjunct") password files and didn't like the inherent consequences. - Dave