su modifications posted to net.sources
baccala at USNA.arpa
Sat Feb 7 13:01:33 AEST 1987
I take objection to being able to su without a password. I feel that NO ONE
should be able to su without a password. The reason is simple - most people
have .rhosts. Root can't, and shouldn't. If root is cracked on machine A,
and hacker B on machine C shares rhosts with A and is an su_person on C, the
villains have root on C. No network is *really* secure, and the best way to
ensure security is through people - the guy on the other end of that line
has to know the password no matter WHO he says he is.
Disclaimer: I'm a fanatic when it comes to security.
- BRENT W. BACCALA -
Computer Aided Design/Interactive Graphics
U.S. Naval Academy
Annapolis, MD
<decvax!brl-smoke!usna!baccala>
<seismo!usna!baccala>
<baccala at usna.arpa>