home *** CD-ROM | disk | FTP | other *** search
- Newsgroups: comp.os.vms
- Path: sparky!uunet!haven.umd.edu!darwin.sura.net!jhunix.hcf.jhu.edu!jhuvms.hcf.jhu.edu!ecf_stbo
- From: ecf_stbo@jhuvms.hcf.jhu.edu (Remember Grimalkin)
- Subject: RE: Getting rid of SMB_SECURITY once and for all ?
- Message-ID: <4JAN199310551823@jhuvms.hcf.jhu.edu>
- News-Software: VAX/VMS VNEWS 1.41
- Sender: news@jhunix.hcf.jhu.edu (JHU News Administrator)
- Organization: The Johns Hopkins University - HCF
- References: <00965c66.12618940.15752@elros.stg.trw.com> <1992Dec30.041846.5354@decuac.dec.com>
- Date: Mon, 4 Jan 1993 15:55:00 GMT
- Lines: 20
-
- In article <1992Dec30.041846.5354@decuac.dec.com>, murphy@ufp.dco.dec.com writes...
- >The "default" X Window System security scheme on UNIX systems is host-based
- >only; anyone logged in to your workstation has access to the display.
- >On VMS, the authorization information includes the username of the user.
- >Thus, there aren't the same security risks - unless you're sharing your
- >password :-)
-
- You neglected to mention that since TCP/IP doesn't pass this information,
- the 'only' VMS security scheme boils down to the 'default' unix scheme when
- using TCP/IP as the transport. Hopefully something better will be provided
- in this century. Until then, people should remember that if you permit a remote
- tcp/ip host to access your display, anyone on that host can grab your
- keystrokes, including passwords, etc... without you even noticing.
-
-
-
- Tom O'Toole - ecf_stbo@jhuvms.hcf.jhu.edu - JHUVMS system programmer
- Homewood Computing Facilities, Johns Hopkins University, Balto. Md. 21218
- >Here comes a jet ski.
- >weuh weeuhh weeuhh weeuhh WEEUHH WEEUHH WEEUHH WEEUHH weeuhh weeuhh weeuhh weuh
-
