[56] in linux-security and linux-alert archive
Re: Shadow Passwords?
daemon@ATHENA.MIT.EDU (lilo)
Tue Mar 7 20:13:21 1995
Date: Tue, 7 Mar 1995 08:25:58 -0600 (CST)
From: lilo <TaRDiS@mail.utexas.edu>
To: linux-security@tarsier.cv.nrao.edu
cc: linux-security@tarsier.cv.nrao.edu
In-Reply-To: <Pine.LNX.3.91.950307102642.2806C-100000@mercury.ftech.co.uk>
Reply-To: linux-security@tarsier.cv.nrao.edu
On Tue, 7 Mar 1995, Piers Cawley wrote:
> On Mon, 6 Mar 1995, Daniel Hollis wrote:
> > Indeed. We run an ISP and have around 250 accounts. It doesn't take much
> > for an outsider to coerce one of your newbie users to send them a copy of
> > /etc/passwd by telling them to "/dcc send dork /etc/passwd" from IRC.
>
> Consider running as a slip/ppp only site... We don't give our users shell
> accounts at all...
This is a good idea, but it's sort of a separate issue....
lilo
--
[Mod: I agree completely. Let's not head down the path of what sort of
site to run. Further posts in this vein will not be approved! --Jeff.]
