home *** CD-ROM | disk | FTP | other *** search
- Xref: sparky comp.sys.sgi.admin:119 comp.sys.sgi:18540
- Path: sparky!uunet!ogicse!das-news.harvard.edu!cantaloupe.srv.cs.cmu.edu!H.GP.CS.CMU.EDU!drew
- From: drew+@CS.CMU.EDU (Paul Olbrich)
- Newsgroups: comp.sys.sgi.admin,comp.sys.sgi
- Subject: Re: security concerns revisted
- Message-ID: <C0GKHt.18s.2@cs.cmu.edu>
- Date: 7 Jan 93 00:39:28 GMT
- Article-I.D.: cs.C0GKHt.18s.2
- References: <1992Dec24.193457.16465@u.washington.edu> <C0G7I2.JM3@helios.physics.utoronto.ca> <ui2dla0@zuni.esd.sgi.com> <C0GEH4.2KJ@helios.physics.utoronto.ca>
- Sender: news@cs.cmu.edu (Usenet News System)
- Organization: Carnegie Mellon University
- Lines: 27
- Nntp-Posting-Host: h.gp.cs.cmu.edu
-
- In article <C0GEH4.2KJ@helios.physics.utoronto.ca>, sysmark@helios.physics.utoronto.ca (Mark Bartelt) writes:
- >
- > ...
- >
- > Password-free accounts, and pointing people toward permissive tftpd, seem
- > like poor ideas. And commenting that the potential pitfalls are covered
- > in the documentation strikes me as a bit of a cop-out.
- >
- > ( Don't take any of this personally, Dave; we *do* love you! :-)
- >
- > Mark Bartelt 416/978-5619
- > Canadian Institute for mark@cita.toronto.edu
- > Theoretical Astrophysics mark@cita.utoronto.ca
- >
- > "Clothes not busy being worn are busy drying." - Dylan, on laundry day
- > [ singing "It's all right, ma (I'm only bleaching)" ]
-
- Also, /usr/lib/X11/xdm/Xsession by default has a line in
- it that says "/usr/bin/X11/xhost +" which allows clued individuals
- to write X clients that monitor that machine's keystrokes
- across the net.
-
- Other workstation vendors that I am familiar with appear to
- default to "xhost -".
-
- Drew Olbrich
- drew@cs.cmu.edu
-
