Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!mailrus!tut.cis.ohio-state.edu!pt.cs.cmu.edu!f.word.cs.cmu.edu!eht From: eht@f.word.cs.cmu.edu (Eric Thayer) Newsgroups: comp.sys.next Subject: Re: Student's view of NeXT marketing pl Message-ID: <5873@pt.cs.cmu.edu> Date: 16 Aug 89 14:48:58 GMT References: <4866@tank.uchicago.edu> <116900006@p.cs.uiuc.edu><416@wet.UUCP> <420@wet.UUCP> Organization: Carnegie-Mellon University, CS/RI Lines: 37 In article <420@wet.UUCP> epsilon@wet.UUCP (Eric P. Scott) writes: >In article J Greely writes: >>In article <416@wet.UUCP> epsilon@wet.UUCP (Eric P. Scott) writes: >> The ROM changes in 1.0 allow >>the administrator of a machine to prevent unauthorized individuals >>from doing interesting things like changing the boot device (which is >>actually one of the least interesting things you can do from the >>monitor). They do not disable booting from OD, they allow you to >>control it. > >Giving our users root access is just not a substantial risk. If >anyone can "lock" an otherwise accessible cube so that no one >else can use it ... that is a SERIOUS threat. It's near- >impossible to trace, and could be difficult to correct. It's not clear to me who the users of your NeXT's will be but, perhaps you could give the machines a password and let the people in the class know what it is. Then, give a stiff penalty for getting caught leaking the password or changing the password on a system. The password protection scheme is not too obtrusive (but I don't know peoples' thresholds of obtrusiveness either :-) ). It could be a short but obscure password because to brute force the password, someone would have to rig up an automated way of getting input data to the console (although /dev/ttya can be configured as an alternate console, it is possible to require a password to do that). I can see however, that it would be tempting for a student who had not completed an assignment before an impending deadline to waste all (or such a percentage that it locked out a significant fraction of the class) the machines in the lab. -- Eric H. Thayer School of Computer Science, Carnegie Mellon (412) 268-7679 5000 Forbes Ave, Pittsburgh, PA 15213