Path: utzoo!attcan!uunet!husc6!tut.cis.ohio-state.edu!stegosaur.cis.ohio-state.edu!romig
From: romig@stegosaur.cis.ohio-state.edu (Steven M. Romig)
Newsgroups: comp.sys.next
Subject: Re: diskless NeXT? (was Re: Announcement vs reality)
Keywords: Next
Message-ID: <28493@tut.cis.ohio-state.edu>
Date: 28 Nov 88 16:57:44 GMT
References: <17846@glacier.STANFORD.EDU> <3638@pt.cs.cmu.edu> <28185@tut.cis.ohio-state.edu> <267@aber-cs.UUCP>
Sender: news@tut.cis.ohio-state.edu
Distribution: eunet,world
Organization: The Ohio State University Dept of Computer and Information Science
Lines: 73

In article <267@aber-cs.UUCP> pcg@cs.aber.ac.uk (Piercarlo Grandi) writes:
>In article <28185@tut.cis.ohio-state.edu>
>bob@allosaur.cis.ohio-state.edu (Bob Sutterfield) writes:
>    [Bob comments on problems with the local disk and the removable 
>     optical disk.]
>The only thing I'd worry about is adopting this heavy handed,
>ineffectual approach to network security.  Please refer to
>comp.protocols.tcp-ip (and comp.unix.wizards). It has been repeated to
>the point of exhaustion that security in a networked environment is
>obtained by suitable protocol emanating from trusted bases, not by
>network based physical restrictions (some innocent soul even admitted
>that she had never thought that someone could easily start filtering
>packets on an ethernet for passwords), and people have expended vast
>research efforts on these issues.
>
>Projects Andrew and Athena have done a lot of good work on network
>security where there are thousands of non trusted machines around, and
>there are no restrictions on their use. Go and learn about them.

Sigh.  The Andrew and Athena projects are certainly valuable, but they
don't solve all of the security problems that administrators are faced
with.  If folks have root access to a workstation, then they can
install trojan horses on that workstation and get the passwords of
unsuspecting users (or worse).  Or they can change their network
configuration information and cause no small amount of confusion for
the administrative staff.  Etc.

And aside from that, the NeXT workstation is not using the Athena
software or the Andrew software (yet).

>Many sys admins with a delusion of "management" have a gut instinct
>that the best way to achieve something is by inconveniencing
>users and imposing restrictions. Well, not only this is unnecessary, it
>is also quite ineffectual, because it is easily circumvented in most
>cases, and certainly in the one this article is about.

Agreed.  However, one of the main roles of a system administrator in a
distributed computing environment is to provide certain services and
facilities to the users with a certain measure of guarantee that they
aren't going to get screwed by something or someone, including other
users.  The Athena project solves a large part of the problem in that
they provide a way to authenticate users and services and machines on
the network.

They don't solve all of the problems, however.  For instance, version
control.  A user may have a disk with version X of the NeXT software
with has some serious bug that we have fixed on all of our N hundred
NeXT workstations.  The bug causes lots of network traffic to be
generated, which effectively brings one or more servers to their knees
for one reason or another.  As a sys admin, I want to not only fix
that user's disk, but I would prefer that when people connect a NeXT
machine to that network, that they use the current, up to date
configuration which fixes all of the known problems.  It is
unreasonable to assume that every user will be responsive enough to
update their own disks (we have 300 Macs, we know what happens when
you try to get everyone to change the printer driver software on ther
disks).  And it is responsible and correct (I think) for the sys admin
to impose some sort of restrictions on how the workstations are used.
In this case, setting up the NeXt workstations so that they boot from
the local disk or from a network boot server would be my choice of
solution - I would still want users to be able to mount their optical
disk and all that, its just that if they are going to use my network,
they are going to play my networks game by my networks rules.  I agree
that those rules should not be too restrictive, but they are there,
and they are part of being a responsible system administrator.

>-- 
>Piercarlo "Peter" Grandi			INET: pcg@cs.aber.ac.uk
>Sw.Eng. Group, Dept. of Computer Science	UUCP: ...!mcvax!ukc!aber-cs!pcg
>UCW, Penglais, Aberystwyth, WALES SY23 3BZ (UK)

--- Steve Romig					romig@cis.ohio-state.edu
    CIS Department, The Ohio State University