From owner-freebsd-security Mon Sep 27 10: 9:10 1999
Delivered-To: freebsd-security@freebsd.org
Received: from point.osg.gov.bc.ca (point.osg.gov.bc.ca [142.32.102.44])
    by hub.freebsd.org (Postfix) with ESMTP id 9674215240
    for ; Mon, 27 Sep 1999 10:09:06 -0700 (PDT)
    (envelope-from Cy.Schubert@uumail.gov.bc.ca)
Received: (from daemon@localhost)
    by point.osg.gov.bc.ca (8.8.7/8.8.8) id KAA15498;
    Mon, 27 Sep 1999 10:09:06 -0700
Received: from passer.osg.gov.bc.ca(142.32.110.29) via SMTP
    by point.osg.gov.bc.ca, id smtpda15496; Mon Sep 27 10:08:59 1999
Received: (from uucp@localhost)
    by passer.osg.gov.bc.ca (8.9.3/8.9.1) id KAA01034;
    Mon, 27 Sep 1999 10:08:59 -0700 (PDT)
Message-Id: <199909271708.KAA01034@passer.osg.gov.bc.ca>
Received: from localhost.osg.gov.bc.ca(127.0.0.1), claiming to be "passer.osg.gov.bc.ca" via SMTP
    by localhost.osg.gov.bc.ca, id smtpdBo1029; Mon Sep 27 10:08:23 1999
X-Mailer: exmh version 2.0.2 2/24/98
Reply-To: Cy Schubert - ITSD Open Systems Group
X-OS: FreeBSD 3.2-RELEASE
X-Sender: cschuber
To: cjclark@home.com
Cc: Cy.Schubert@uumail.gov.bc.ca (Cy Schubert - ITSD Open Systems Group),
    dillon@apollo.backplane.com (Matthew Dillon),
    freebsd-security@FreeBSD.ORG
Subject: Re: dump(8) Insecurity/Misconfiguration
In-reply-to: Your message of "Mon, 27 Sep 1999 12:15:30 EDT."
    <199909271615.MAA92288@cc942873-a.ewndsr1.nj.home.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Mon, 27 Sep 1999 10:08:23 -0700
From: Cy Schubert
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

In message <199909271615.MAA92288@cc942873-a.ewndsr1.nj.home.com>,
"Crist J. Clark" writes:
> Cy Schubert - ITSD Open Systems Group wrote,
> > Running dump as root isn't as big a security problem than the firewall
> > issues that this rsh issue raises, not to mention cleartext. Due to
> > its copyright restrictions use of the SSH protocol may not be too
> > wise, however various VPN solutions do help.
>
> OK, you are the second person to mention this about SSH. I've always
> thought using SSH (/not/ SSH2) at a commercial site was fine
> provided it falls within the following limits (from the COPYING file
> that comes with the SSH tarball),
>
> "Companies are permitted to use this program as long as it is not used for
> revenue-generating purposes. For example, an Internet service provider is
> allowed to install this program on their systems and permit clients to use
> SSH to connect; however, actively distributing SSH to clients for the
> purpose of providing added value requires separate licensing. Similarly,
> a consultant may freely install this software on a client's machine for
> his own use, but if he/she sells the client a system that uses SSH as a
> component, a separate license is required."
>
> I'm no lawyer, but it seems like using SSH for helping with dumps
> would fall well within this license since backing up files does not
> really generate much revenue for us.
>
> Is there something in the license I've missed? You all have me nervous
> now.

I'm not a lawyer either (thank god), however I remember (haven't looked
at the copyright lately) that it cannot be used by any commercial
organization. One of my clients, a non-profit organization attached at
arm's length to the Government of BC which provides services to
universities here in the province, did some research a couple of months
ago and found that they would have to purchase the product in order to
use it legally.

Regards,                       Phone:  (250)387-8437
Cy Schubert                      Fax:  (250)387-5766
Sun/DEC Team, UNIX Group    Internet:  Cy.Schubert@uumail.gov.bc.ca
ITSD                                   Cy.Schubert@gems8.gov.bc.ca
Province of BC
                      "e**(i*pi)+1=0"