From owner-freebsd-questions  Thu Feb 22 15:12:10 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from guru.mired.org (okc-65-26-235-186.mmcable.com [65.26.235.186])
	by hub.freebsd.org (Postfix) with SMTP id EB54537B491
	for <questions@freebsd.org>; Thu, 22 Feb 2001 15:12:04 -0800 (PST)
	(envelope-from mwm@mired.org)
Received: (qmail 46411 invoked by uid 100); 22 Feb 2001 23:12:03 -0000
From: Mike Meyer <mwm@mired.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <14997.40131.841034.409696@guru.mired.org>
Date: Thu, 22 Feb 2001 17:12:03 -0600
To: "Crist J. Clark" <cjclark@reflexnet.net>
Cc: questions@freebsd.org
Subject: Re: login-MODEM
In-Reply-To: <100097486@toto.iv>
X-Mailer: VM 6.89 under 21.1 (patch 14) "Cuyahoga Valley" XEmacs Lucid
X-face: "5Mnwy%?j>IIV\)A=):rjWL~NB2aH[}Yq8Z=u~vJ`"(,&SiLvbbz2W`;h9L,Yg`+vb1>RG%
 *h+%X^n0EZd>TM8_IB;a8F?(Fb"lw'IgCoyM.[Lg#r\
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Crist J. Clark <cjclark@reflexnet.net> types:
> On Thu, Feb 22, 2001 at 12:59:10AM -0800, Ted Mittelstaedt wrote:
> *boggle*
> It is pretty much assumed that if a user can get local, he can get
> root.
[...]
> > Rubbish - your making things way hard for yourself.  UNIX already has
> > excellent security for this - you just need to understand it.
> UNIX does not have strong security. It was not originally designed for
> security.

BSD Unix was developed in an environment where shell accounts were
provided to undergrads as a matter of course. Some of the brightest
lights in the Unix world went through the UCB CS department, and those
systems were exposed to their attacks. Sure, the security model is a
minimal one, but it was adequate for that environment.

While the nature of the world has changed somewhat, providing shell
accounts isn't radically different from any other service. Yes, it
means you've added a new set of security risks, but there are ISPs
willing to deal with that. About half the ones I've used, for
instance. Some of them are run by people who were berkeley undergrads
during that era.

	<mike
--
Mike Meyer <mwm@mired.org>			http://www.mired.org/home/mwm/
Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message