[235] in resnet
Re: remote access to public workstations at night
daemon@ATHENA.MIT.EDU (mhbraun@MIT.EDU)
Mon Mar 7 03:29:37 1994
From: mhbraun@MIT.EDU
Date: Mon, 7 Mar 94 03:28:48 -0500
To: Marc Horowitz <marc@MIT.EDU>
Cc: fihsu@MIT.EDU, resnet@MIT.EDU, Gilbert Leung <gleung@MIT.EDU>
In-Reply-To: [233]
Although I think marc has a lot of good sugestions, I don't think that it
would be good enough.
Athena's public workstaiton policy is not just based on trust, it is based on
the idea that it does not matter if the local workstation is insecure (within
reason). I am not religiously opposed to changing the public root password,
but I think that alone is not enough. There are many security holes on Athena
workstations that no one has bothered to fix just because the root password is
public and it would not matter.
I agree that machines like the barker machines are wasted at night because the
library is closed, but I would not want to think about using them as dialups
at night unless they were freshly re-installed each night after the library
closed. Have a multi-user timesharing system that is as physically exposed as
a cluster machine would be asking for trouble IMO. Look at the problems that
it casued when a cracker comprimised one of the RT dialups a year ago.
It is my understanding that CMU had a setup like marc described for a
while...does anyone know implementation details and how it worked ?
Matt
