[681] in SIPB-AFS-requests
Re: a few users removed from rosebud
daemon@ATHENA.MIT.EDU (mhpower@Athena.MIT.EDU)
Fri May 15 13:08:25 1992
From: mhpower@Athena.MIT.EDU
To: sipb-afsreq@Athena.MIT.EDU
Cc: amgreene@Athena.MIT.EDU
In-Reply-To: [0672] in SIPB-AFS-requests
Date: Fri, 15 May 92 13:07:47 EDT
>Users bobf and sl have been removed from /etc/security/user and
>/etc/passwd on rosebud, due to weak passwords. ...
I just took out eight more. Although in some cases "inside knowledge"
of SIPB might be helpful in getting the passwords, in other cases they
were just *stupid*.
The removed entries were copied to /etc/passwd.NOT.
Again, I didn't alter rs_users.pl. After talking with marc and
warlord, it seemed that the right solution was not to systematically
deny machine access to groups of alumni members, the right solution
was to get them to change their passwords.
Andrew: one of them was for cbf. It's not as bad as the others, but
probably should be changed, especially if he uses it elsewhere. Would
you want to deal with this one?
I sent mail in some of the other cases, but not where it seemed that
mail essentially went to /dev/null@po7.mit.edu. What's the right thing
to do? Get a paper mail address from the alumni office?
(All this assumes we want to be fairly careful not to have random
Internet crackers wandering around on our primary fileserver. If I'm
being, as usual, a bit too paranoid, though, let me know...)
Matt
