Re: A security flaw question - a clarification
akonstam_at_trinity.edu
Date: 06/05/05
- Previous message: Fabrice Beauvir: "Re: Is it possible to perform an FC 3 install without a CD ?"
- In reply to: James T. Carver: "Re: A security flaw question. (akonstam@trinity.edu)"
- Next in thread: Matthew Miller: "Re: A security flaw question - a clarification"
- Reply: Matthew Miller: "Re: A security flaw question - a clarification"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Sun, 5 Jun 2005 08:26:32 -0500 To: For users of Fedora Core releases <fedora-list@redhat.com>
On Sat, Jun 04, 2005 at 05:06:15PM -0800, James T. Carver wrote:
> On Saturday 04 June 2005 04:48 pm, fedora-list-request@redhat.com wrote:
> > Message: 5
> > Date: Sat, 4 Jun 2005 15:35:31 -0500
> > From: akonstam@trinity.edu
> > Subject: A security flaw question.
> > To: Fedora-List <fedora-list@redhat.com>
> > Message-ID: <20050604203531.GA6998@Moof.cs.trinity.edu>
> > Content-Type: text/plain; charset=us-ascii
> >
> > I have a security question for the group. We have ~50 Linux machines
J> > that are NIS clients of out server. The idea as you know is that any
> > of are students can log in to any of the machines and have the same
> > home directory and the same passwd.
> >
>
> This would only happen if you have givin all the students the same user
> account and password which is a bad idea from the start. Each student should
> have their own user account and password, which would give each student their
> own home directory.
I guess I am not clear. The students have different user accounts and
passwds but their user accounts and passwds work on all the NIS
clients.
>
> > Ok, now the question. I have been hearing from people about security
> > flaws. Well what about about this. A number of our faculty have set up
> > their personal machines as NIS clients. It makes it easier to get to
> > their class related files. My feeling this is a tremendous security
> > hole, since a first important step in hacking a machine might be logging in
> > to the machine. Making faculty personal machines NIS clients
> > means that any of the 1000 or so students can log in to the faculty
> > machine. Does any one else think that this is a bad idea, or am I
> > confused?
> > --
> It is only a security hole "if" the teacher remains logged in while away from
> their machine. if so, anyone could use the machine and would be logged in as
> the instructor. If the instructor logs out, then the students would not have
> access to the computer. to prevent this you could have the computer log them
> out after a certain time out and stress to the instructors that for security
> it is important for them to log out of their machine.
>
> James Carver
No that is not the problem I am talking about. To hack a machine
remotely is a hell of a lot harder to do from a different machine
than it is if you are logged on to the machine you want to hack. It
has nothing to so with whether or not the instructor leaves his
machine logged on. Well not nothing but I am not talking about that
situation.
I am not concerned if people disagree with me but I am frustrated that
I can't clearly formulate my question so people see what I am asking.
-- ======================================================================= SUN Microsystems: The Network IS the Load Average. ------------------------------------------- Aaron Konstam Computer Science Trinity University telephone: (210)-999-7484 -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
- Previous message: Fabrice Beauvir: "Re: Is it possible to perform an FC 3 install without a CD ?"
- In reply to: James T. Carver: "Re: A security flaw question. (akonstam@trinity.edu)"
- Next in thread: Matthew Miller: "Re: A security flaw question - a clarification"
- Reply: Matthew Miller: "Re: A security flaw question - a clarification"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
