This is Security-of-NeXT-systems in view mode; [Up]
Date: Sun 02-Mar-1991 06:19:55 From: eps@toaster.SFSU.EDU (Eric P. Scott) Subject: Re: Security of NeXT systems In article <1991Mar1.012721.21589@mp.cs.niu.edu> bennett@mp.cs.niu.edu (Scott Bennett) writes: > Try it. The "secure" option in /etc/ttys didn't work in 4.3BSD. >I don't know whether it's fixed in the NeXT software. Sure is. -=EPS=-
Date: Sun 02-Mar-1991 06:58:38 From: eps@toaster.SFSU.EDU (Eric P. Scott) Subject: Re: Security of NeXT systems In article <1991Mar1.014356.16867@mp.cs.niu.edu> bennett@mp.cs.niu.edu (Scott Bennett) writes: > Running catman to pre-nroff all the >man pages sounds nice, but takes a long time Not on an '040 machine!!! (I know...) > and *wastes* a lot of >disk space. Less than 3 megabytes. That's noise. Just getting rid of just the Guided Tour demo (if there's anything only worth running once, this is it) saves more than TWICE what ALL the formatted man pages take. > It is definitely a waste because on most systems the >vast majority of man pages are *never* examined by any user. Those >pages that *are* examined get nroff'ed once when first needed and >are available for quick access from then on. ...and molestation by abusive users. What you do on your personal machine is your business. I'm in a University environment--that's a bit more hostile. If space is a problem, I can NFS-mount from a machine where it isn't. Also, my time's important to me. catman will complete over a lunch hour even on an '030 machine. If I have to wait for a man page while I'm working, it blows my concentration. I want it NOW. Did I mention reducing disk fragmentation? (Before anyone asks, compressing man pages a la System V would complicate things.) [long list of permissions changes] > Good grid!! Did NeXT *really* get *all* those permissions wrong??? Check for yourself. I started on a fresh-out-of-the-box recently-manufactured NextStation with software preinstalled on a 400MB internal drive. -=EPS=-
Date: Sun 11-Mar-1991 16:31:50 From: rbp@investor.pgh.pa.us (Bob Peirce #305) Subject: Re: Security of NeXT systems (man pages in cat) >> It is definitely a waste because on most systems the >>vast majority of man pages are *never* examined by any user. Those >>pages that *are* examined get nroff'ed once when first needed and >>are available for quick access from then on. You can use cron to rm any that have not been accessed in some period of time on the assumption that the query was a one-shot deal.
Date: Sun 11-Apr-1991 17:08:47 From: regn@informatik.uni-ulm.de (Robert Regn) Subject: Re: Security of NeXT systems (man pages in cat) In <1991Mar11.163150.7457@investor.pgh.pa.us> rbp@investor.pgh.pa.us (Bob Peirce #305) writes: >>> It is definitely a waste because on most systems the >>>vast majority of man pages are *never* examined by any user. Those >>>pages that *are* examined get nroff'ed once when first needed and >>>are available for quick access from then on. >You can use cron to rm any that have not been accessed in some period of >time on the assumption that the query was a one-shot deal. Good idea, because of another problem: if a user with umask 077 reads a never before read man page, then the catman - page isn't readable by other users. a security hole!
Date: Sun 12-Apr-1991 04:11:40 From: bennett@mp.cs.niu.edu (Scott Bennett) Subject: Re: Security of NeXT systems (man pages in cat) In article <regn.671389727@julia> regn@informatik.uni-ulm.de (Robert Regn) writes: >In <1991Mar11.163150.7457@investor.pgh.pa.us> rbp@investor.pgh.pa.us (Bob Peirce #305) writes: > >>>> It is definitely a waste because on most systems the >>>>vast majority of man pages are *never* examined by any user. Those >>>>pages that *are* examined get nroff'ed once when first needed and >>>>are available for quick access from then on. > >>You can use cron to rm any that have not been accessed in some period of >>time on the assumption that the query was a one-shot deal. > >Good idea, because of another problem: >if a user with umask 077 reads a never before read man page, >then the catman - page isn't readable by other users. Have you *tried* this? My umask is 027 and the permissions on the formatted pages produced when I use man(1) come out as 666. BTW, you're responding to *very* old articles. Please either a) read all of them till you're caught up before posting followups or b) junk everything up until the last few days and start reading there before posting followups. Scott Bennett, Comm. ASMELG, CFIAG Systems Programming Northern Illinois University DeKalb, Illinois 60115 ********************************************************************** * Internet: bennett@cs.niu.edu * * BITNET: A01SJB1@NIU * *--------------------------------------------------------------------* * "Well, I don't know, but I've been told, in the heat of the sun * * a man died of cold..." Oakland, 19 Feb. 1991, first time since * * 25 Sept. 1970!!! Yippee!!!! Wondering what's NeXT... :-) * **********************************************************************
These are the contents of the former NiCE NeXT User Group NeXTSTEP/OpenStep software archive, currently hosted by Marcel Waldvogel and Netfuture.ch.