Path: utzoo!utgpu!watmath!clyde!att!rutgers!tut.cis.ohio-state.edu!stegosaur.cis.ohio-state.edu!romig From: romig@stegosaur.cis.ohio-state.edu (Steven M. Romig) Newsgroups: comp.sys.next Subject: Re: diskless NeXT? (was Re: Announcement vs reality) Keywords: Next Message-ID: <28659@tut.cis.ohio-state.edu> Date: 29 Nov 88 21:16:29 GMT References: <17846@glacier.STANFORD.EDU> <3638@pt.cs.cmu.edu> <28185@tut.cis.ohio-state.edu> <267@aber-cs.UUCP> <28493@tut.cis.ohio-state.edu> <13977@cisunx.UUCP> Sender: news@tut.cis.ohio-state.edu Distribution: eunet,world Organization: The Ohio State University Dept of Computer and Information Science Lines: 42 cmf@cisunx.UUCP (Carl M. Fongheiser) writes: > Why do you need root access to get people's passwords? It hardly even > makes it easier! Good point. I wasn't very clear about what I meant in my note. I don't care so much about the passwords themselves - I'm more concerned about the system software. There are two cases - either you have a local disk of some sort, or you boot diskless (with the possibility that you may boot remotely, but swap to a local disk). In the case of a local disk of some sort, I expect that someone can and possibly will become root and muck about with the system software. Random users cannot detect (and thereby fix) that, and may get screwed by it (ala Trojan horses and so on). As a system administrator, I can't prevent this, since they wouldn't have to deal with a Kerberos authentication server on the net to do their damage. Basically, by booting from a local disk, I put the system software into the users hands. A user has no "guarantee" that he can boot this workstation and use the "correct" system software. In the case of a diskless workstation, I've got to deal with network services to boot and mount file systems and all that - I have a flying chance of maintaining some semblance of security using something like Kerberos. Someone may still choose to bring an optical disk and boot off of that, but they can probably be prevented from futzing with the system software across the network. That means that the next user to come along can boot the workstation and can be "guaranteed" to have a correct copy of the system to work with. Neither of these says anything about someone taking advantage of security holes to become root and futz with the system software, of course. That's a different problem. The point isn't that people can spoof other folks out of their passwords - of course they can, even without root access. The point I was making is that using local disks puts the software in the hands of the user. Some people may choose to do that - I would rather not, but I won't have any choice about it if NeXT doesn't support diskless workstations. --- Steve Romig romig@cis.ohio-state.edu CIS Dept., The Ohio State University