On Wed, Mar 29, 2000 at 10:59:50AM -0500, David Harris wrote:
> I was talking off-list with one of the security proponents on this list and he
> admitted that any other user on the system could read his OpenSRS.conf file.
> That's out-right scary if you ask me.
If you allow users to login to your secure server,
that is even scarrier to me !!!
Local users are a security problem for ANY system.
I restrict my users to a single shell machine,
and they have no access to any other machines, directly.
> - David Harris
> Principal Engineer, DRH Internet Inc.
-- David Denney | D i m e n s i o n a l C o m m u n i c a t i o n s | daud@dimensional.com | DSL/V90/K56flex/V34/ISDN/Frame/T1/T3 starts @$12/mo | 303.285.INET voice | http://www.dimensional.com/ info@dimensional.com | 888.3.DIMCOM tollfree | Denver * Boulder * Longmont * Bailey * CO-Springs |...they can have my ssh when they pry the keyboard out of my cold, dead hands!
This archive was generated by hypermail 2.1.3 : Tue Oct 19 2004 - 23:35:22 EDT