This is time-zones in view mode; [Up]
Date: Sun 07-Jun-1989 21:32:37 From: Unknown Subject: Re: time zones Please people, stay calm... Most people who buy a machine expect to be able to do whatever they want with their machine, including setting the time and date. If you need to administer someone's machine for them, then they will live by your rules (presumably). If this is the case, then just turn off the setuid bit for Preferences, for example. This may disable some other features that you wanted a user to retain (from Preferences), but most other things will still work (those that affect the defaults database, for example).
Date: Sun 08-Jun-1989 01:39:54 From: Unknown Subject: Re: time zones In article <2333@blake.acs.washington.edu> mrc@Tomobiki-Cho.CAC.Washington.EDU (Mark Crispin) writes: > There is no security against anyone who has physical access to >the console. Hell's bells, you can hit double-COMMAND-` to get an NMI >interrupt, halt the machine, and then boot it any way you want. I'm >no Unix wizard, but I know how to give myself superuser access to any >NeXT I can lay my hands on, even without an account. Yup, and that's one major reason we won't buy them. We currently use Suns in both student labs and faculty offices, all sharing the same filesystems. What you might call a "hostile environment". The same problems exist on our suns, but with 4.x, if the console is not marked secure you can't boot single-user without the root password, and root logins are not permitted. NeXT has done part of that, but marking the console as not secure does nothing to prevent arbitrary users from booting single-user. Oops. There are other fun things that can be done with the ROM monitor, most of which are too complex for the average undergrad, but the combination of: a) user-creatable system disks, b) magical ownership of all files on an optical, and c) the ability to set the boot device in a "user-friendly fashion", allows people to break into the machine without ever leaving the user-friendly, bells-and-whistles window system. Bad enough having people breaking in, but at least with most systems they have to know *something* to do it! NeXT has created "security holes for the rest of us." >Is anyone using NeXTs as ordinary Unix >timesharing boxes?? I use the NeXT on my desk as a workstation, interacting with our network as a "trusted peer". It exports a filesystem, it mounts 56 file systems from other hosts, it uses the same password and group files, and looks like just another Unix box to other machines. The only reason I allow it to operate in this fashion is because the console sits in my office, over which I have some reasonable guarantees about security. In contrast, we have labs that contain large numbers of Suns for student use, and access to their consoles doesn't lower our security drastically. I'd like to make a machine like the NeXT available for use by ordinary people, but I don't trust it in a public location. > The bottom line remains that anyone can do anything on the >console, at least until NeXT comes out with a model that lets you lock >out the NMI interrupt or typein to the boot ROM (e.g. by key). Sun's solution to the ROM monitor problem was to make replacement chips that required a password to do anything other than continue. This would be acceptable for solving that problem (and, I think, preferable to adding a key). >So, >why not assume that anybody you allow to use your NeXTs is going to be >a responsible individual, albeit someone may need to be told what >*not* to do. Anyone you can't trust not to do bad things in >Preferences (once instructed on what not to do at your installation) >can't be trusted with physical access to a NeXT console either. Well, let's see. Of the 2000 or so people who have accounts on our Unix machines, the number I trust "not to do bad things" is about 50. This is equivalent to the support staff and system operators. With the fairly high turnover in population here (approximately 25% every 3 months), there will always be people who don't know what actions are "disrecommended", or can't be trusted to not do them. Easier to just not buy the NeXT, which, right now, is the solution we'd choose. -=- J Greely (jgreely@cis.ohio-state.edu; osu-cis!jgreely) >From: sfl@chem.ucsd.edu (Susan Fichera)
Date: Sun 08-Jun-1989 03:36:06 From: Unknown Subject: Re: time zones In article <51400@tut.cis.ohio-state.edu> J Greely <jgreely@cis.ohio-state.edu> writes: > There are other fun things that can be done with the ROM monitor, 1.0 ROMS will have optional hardware protection.
Date: Sun 08-Jun-1989 12:23:13 From: Unknown Subject: Re: time zones In article <2333@blake.acs.washington.edu> mrc@Tomobiki-Cho.CAC.Washington.EDU (Mark Crispin) writes: > The bottom line remains that anyone can do anything on the >console, at least until NeXT comes out with a model that lets you lock >out the NMI interrupt or typein to the boot ROM (e.g. by key). No disagreement there; I've complained about that before. > ... Anyone you can't trust not to do bad things in >Preferences (once instructed on what not to do at your installation) >can't be trusted with physical access to a NeXT console either. I agree that there is NO protection against malicious damage. But to put the time, etc, in such a prominent application, with such tempting buttons and controls just begs people (even responsible people who would NEVER do something deliberately wrong to my system) to play with them. In fact, the most knowledgeable among them do so with impunity, figuring that "This can't POSSIBLY set the real system time, that would be ridiculous." And that little calendar display? Everybody thinks its some sort of appoint- ment book, and tries clicking on the buttons. Educating regular users is one thing. But you simply can't educate everyone BEFORE they sit down at a cube. And, posting a list of "Fifteen Bad Things You Should Not Do" seems like a dangerous proposition; surely there is some _small_ validity to "security through obscurity".
These are the contents of the former NiCE NeXT User Group NeXTSTEP/OpenStep software archive, currently hosted by Marcel Waldvogel and Netfuture.ch.