Date: Thu, 29 Jun 1995 21:53:56 -0400 (EDT) From: "William Pechter ILEX Systems" <pechter@stars.sed.monmouth.army.mil> To: freebsd-hackers@freebsd.org Subject: Re: PPP password security Message-ID: <199506300153.SAA14825@freefall.cdrom.com> In-Reply-To: <199506211715.TAA20917@uriah.heep.sax.de> from "J Wunsch" at Jun 21, 95 07:15:38 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> It's a long-standing tradition to store remote passwords in plaintext > (/etc/uucp/systems etc.), and i don't see a problem as long as the > files are mode 0600 and owned by a `trusted' user. If you cannot > trust root, forget about Unix security. > > Perhaps all those programs should refuse to work if they detect > insecure files containing the password (like the .rhosts and .netrc > permission checks). > Pyramid did this with rhosts. and .netrc ... also they made vi ignore .exrc files in non-home directories unless set exrc was set in exinit variable... Bill ----------------------------------------------------------------------------- Bill Pechter |Systems Administrator | N2RDI Ilex Systems |170 Patterson Ave | Shrewsbury, New Jersey 07702 908-532-2369 |pechter@sesd.ilex.com | pechter@stars.sed.monmouth.army.mil
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199506300153.SAA14825>