[221] in resnet
Re: remote access to public workstations at night
daemon@ATHENA.MIT.EDU (mhbraun@MIT.EDU)
Thu Mar 3 01:48:44 1994
From: mhbraun@MIT.EDU
Date: Thu, 3 Mar 94 01:47:44 -0500
To: Gilbert Leung <gleung@MIT.EDU>
Cc: mlbarrow@MIT.EDU, resnet@MIT.EDU
In-Reply-To: [220]
Hi Gilbert,
This is an idea that comes up pretty regularly when the dialups get hosed, and
the basic problem is security. By nature, Athena public workstations are
considered insecure, to the point that the root password is well known. This
is not to say that peoples accounts are not safe when they log into a public
machine, but that if two people were logged into the same machine, one could
get access to the other's files. This is fine becaues the general Athena
model is one user to one workstation. The dialups are a concession to the
need for remote access, and to compensate for this, a lot of effort is put
into making them secure. Even if the software on Public workstations were
configured the same way as the dialups, there would be no getting around the
fact that with physical access to a machine it is always possible to get root
acces. Therefore, a system that allowed users to log in remotely to public
machines would be not be prudent for security reasons.
Matt
