[155] in ad-lib
Forwarded message: [gyoung@MIT.EDU (Grant Young ):Security on emmy]
daemon@ATHENA.MIT.EDU (Marilyn McSweeney )
Wed Mar 15 12:52:19 1995
To: acq2@MIT.EDU
Date: Wed, 15 Mar 95 12:52:33
From: mgm@MIT.EDU (Marilyn McSweeney )
Please read Grant's message below about individual passwords. Since we're
not meeting on 3/16 (Communications Forum), I'd like to get information
from you to Grant as quickly as we can. Although I remember all your
names, I'd appreciate it if each of the subgroup conveners would make a
guesstimate as to what kind of permissions your groups will need for
testing. If you send them to me, I'll collate and forward to Grant. So, I
need to hear from Charlene, Ellen, Donna or Sheelah about what you
anticipate for the next few weeks. Thanks! MGM
------- Forwarded Message
To: bog-lib@MIT.EDU, efc@MIT.EDU
Subject: Security on emmy
Date: Tue, 14 Mar 95 16:58:45
From: gyoung@MIT.EDU (Grant Young )
As I've met with a couple of groups it's become clear that we need to start
issuing individual passwords to people on Advance. The generic sign-ons
that we've been using are flawed in a couple of ways: There's too much
access to some functions for everyone and there's too little for the people
who really need it. Issuing more generic passwords is not an effective
solution.
Rather than trying to scope out the entire range of options let me suggest
the following approach:
I will first issue individual passwords to BOG members and the members of
the implementation teams.
I will try to match the permissions to the role of the implementation team
members as best I can. I will guess slightly low and some functions will
not be accessible to all members.
If you find that a member of your team does not have access to a function
they need let me know. I will also tell anyone who asks to send their
requests for more access through the implementation team leaders. That way
you will be aware of who has what permissions.
I will also start modifying the menu system to eliminate some functions
that will not be used by us (like Lvis).
I'll start issuing the passwords by function and after I've got an
implementation group in, I'll reduce the generic logins for that function
to essentially a display level of functionality.
This will take a bit of patience while we iron the bugs out, but if we
start now it won't be too bad when we're ready to go live. Right now I'd
like to get a list of your team's members. If you want to add notes about
what they're doing as a guide for me that would be helpful but not
necessary at this point.
-- Grant
------- End of Forwarded Message
