[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: "Small" Bug - silly question again

On Mon, Mar 20, 2000 at 12:15:43AM -0800, Alan P. Laudicina wrote:

> I started this thread and here is where I comment again.  I see your above
> example and think of one of my own.  A "script kiddy" gets ahold of a list
> of usernames and passwords of a machine at fakedomain.com.  He is at the
> local university and needs a shell to telnet to the machine and use the
> illegally obtained login and passwords.  A machine running The HURD is
> nearby...

I appreciate everyone's concern of the security issues, but I would
like to add a voice from the usually silent majority of people, who do
not usually dream about hacking into other people accounts.  Is the
convenience of non-malicious users worth anything at all?

Here is a real life example.  You come to visit another place, say to
a conference at a friendly university, and like all the other of 200
participants you want to telnet to your computer and read email from
time to time, send your preprint to a local printer etc...  The local
sysadmin is too busy to create 200 new accounts and does not want to
create an anonymous account deemed as a security risk.  A machine
running HURD which allows non-login shell on console is nearby...

					  Denis Kosygin
Reply to: