home *** CD-ROM | disk | FTP | other *** search
- Xref: sparky comp.unix.ultrix:6239 comp.sys.dec:4534
- Path: sparky!uunet!cs.utexas.edu!swrinde!news.dell.com!pmafire!cdm
- From: cdm@pmafire.inel.gov (Dale Cook)
- Newsgroups: comp.unix.ultrix,comp.sys.dec
- Subject: Re: # of users allowed on ULTRIX workstation
- Keywords: ULTRIX,#user-restriction
- Message-ID: <1992Aug10.205011.3494@pmafire.inel.gov>
- Date: 10 Aug 92 20:50:11 GMT
- References: <1992Aug7.202227.20738@panix.com> <1992Aug9.182843.28095@decuac.dec.com> <1992Aug10.141702.9609@tamsun.tamu.edu>
- Organization: WINCO
- Lines: 23
-
- In article <1992Aug10.141702.9609@tamsun.tamu.edu> zod@zeus.tamu.edu writes:
- >
- >I hate to get involved in religious wars, but might I suggest to your
- >code generators that it would be appropriate to make the "are you trying
- >to log in as root or ID 0 from an unsecure terminal" test BEFORE getting
- >a password. This is a SIMPLE change to the code and MUCH MUCH MUCH more
- >secure than letting someone guess at the password and then giving them
- >an indication of whether or not it was correct. I believe this would
- >satisfy both the security aware and the security sentient. Another way
- >to solve both these peoples problems would be to make the message
- >"not secure terminal" for either correct or incorrect passwords if the
- >user is trying to log in as root. Once again, this is a simple code fix.
- >
- >
-
- Better yet, make the message configurable. Then, if you don't like it,
- you can change it to whatever blows your hair back.
-
- --------------------------------------------------------------------------
- ...Dale Cook "A low voter turnout is an indication of fewer people
- going to the polls." --- J. Danforth Quayle
- The opinions are mine only (i.e., they are NOT my employer's)
- --------------------------------------------------------------------------
-
