Path: utzoo!attcan!lsuc!dave
From: dave@lsuc.uucp (David Sherman)
Newsgroups: comp.mail.uucp
Subject: Re: problems with att multiple-machine approach?
Summary: why not assign passwords?
Message-ID: <1988Sep29.210829.29073@lsuc.uucp>
Date: 30 Sep 88 01:08:24 GMT
References: <1988Sep23.105347.652@lsuc.uucp> <2300@att.ATT.COM>
Organization: Law Society of Upper Canada, Toronto
Lines: 32

In article <2300@att.ATT.COM>, jhc@att.ATT.COM (Jonathan Hawbrook-Clark) writes:
> 						any mail queued
> up for you will never get delivered... because
> we do not trust that a machine calling in is actually who it says it
> is. It is a trivial command to change a machine's nodename...
> 		So, except in rare cases, we only deliver mail when
> we make the call.
> 
> Hope this clears up some questions. This situation isn't perfect,
> but we are putting security above convenience and cost. If anyone
> has any truly wonderful ideas which would satisfy the various
> criteria under which we work then we'd love to hear them.

Uh, yeah.  Not to get snarky or anything, but many years ago
someone came up with this wonderful idea called a PASSWORD.
Just give each machine its own login.

I realize this would mean a little more administrative overhead
at your end; setting up a link would require a bit more contact
with the other end.  But it's hardly onerous.  We have 45 uucp entries
in our /etc/passwd, each with its own login name and password.
Doesn't bother the other 1,490 users in the least.

Of course, you'd no longer have the cuteness of running uucico
on your dialup lines instead of getty.  I must admit I was a bit
startled when I first saw the L.sys entry for calling att (there's
no login mechanism at all, you just dial and connect).

David Sherman
The Law Society of Upper Canada
-- 
{ uunet!attcan  att  pyramid!utai  utzoo } !lsuc!dave