[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: "Small" Bug - silly question again



On 21 Mar 2000, Denis Kosygin wrote:
> Date: 21 Mar 2000 01:48:08 -0000
> To: debian-hurd <debian-hurd@lists.debian.org>
> From: Denis Kosygin <kosygin@Princeton.EDU>
> Subject: Re: "Small" Bug - silly question again
> 
> On Mon, Mar 20, 2000 at 12:15:43AM -0800, Alan P. Laudicina wrote:
> 
> > I started this thread and here is where I comment again.  I see your
> above
> > example and think of one of my own.  A "script kiddy" gets ahold of a
> list
> > of usernames and passwords of a machine at fakedomain.com.  He is at
> the
> > local university and needs a shell to telnet to the machine and use the
> > illegally obtained login and passwords.  A machine running The HURD is
> > nearby...
> 
> I appreciate everyone's concern of the security issues, but I would
> like to add a voice from the usually silent majority of people, who do
> not usually dream about hacking into other people accounts.  Is the
> convenience of non-malicious users worth anything at all?
> 
> Here is a real life example.  You come to visit another place, say to
> a conference at a friendly university, and like all the other of 200
> participants you want to telnet to your computer and read email from
> time to time, send your preprint to a local printer etc...  The local
> sysadmin is too busy to create 200 new accounts and does not want to
> create an anonymous account deemed as a security risk.  A machine
> running HURD which allows non-login shell on console is nearby...
> 
> 					  Denis Kosygin


Okay, I see everyones view, but like it was mentioned earlier, why not make
this an install time option?  I personally like the standard login prompt,
and feel a temporary guest account would be just fine for the above
situation, just change the password after everyone is done.  I know I don't
want anyone to be able to do just about anything from my box, whether its
checking their email or cracking into the university.

I think this thread has been going on quite enough, points have been said
and there will be never ending arguments for both sides.

--
Adam Farrell
skate111@stampede.org / www.cowspotting.com
Reply to: