[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Security (ugh, Again?)
Date: Fri, 25 May 90 15:40:00 EDT
From: MILLER@vax.cam.nist.gov (Bruce R. Miller)
Date: Fri, 25 May 90 15:37 EDT
Without getting into a debate about whether Unux systems really are
secure or not; Hey, I dont even like passwords, security etc. But, I'ld
like to do something to make our lispms more secure & accessible in some
appropriate combinationq; apparently its not too hard to have either
extreme, but in the middle?
What I've got in mind is something vaguely resembling the unux approach;
at least our management would feel comfortable; `it looks secure' and
such. Also, the fewer times you have to say `well these machines dont
work like that' the better off you are (even if they work better!)
Telling them that these machines work like macintoshes.
The ACL setup doesn't seem to match the model I'm looking for;
and since somebody reported that they couldn't un-install it, I'm
hesitant to experiment with it!
For example; I would to have the following `features'
1) To access a machine (telnet or console) you've GOT to log in and
give a password. Chris sent a nice hack which uses the firewall stuff
to disable select & friends and wont let anything happen till the user
is logged in. But it uses ACL to get the password, which uses the LOCAL
FS (some of our's dont have FS and also the passwords on different
[TANGENT: What's the deal with Firewall? It's in SYS:UNSUPPORTED; in rel
8! Did it die? Also there are .bin's but no .ibin's; Does it NOT work
Ideally, I could look up passwords using Yellow pages? at least for
logging into some machines: I've got one machine that could concievably
supply a service (macsyma) to all users on our lan, including unux
users. It would be nice not to have to duplicate the sysadmin tasks
already done by the sun people. BTW, the macsyma machine in question
has no FS.
Anybody got YP code working? (is it part of NFS? would one need NFS to
implement it?... Presumably I need NFS to set the homedir for these
I strongly suggest getting the NFS layered product if you have UNIX machines
machines at your site. It gives you capabilities like
-Storage of systems on a UNIX file server, but still keeping the versioning
features of SCT. Here at MIT we are storing all of our Release 8 sources,
fonts, and documentation on a UNIX file server.
-RPC over UDP and TCP between your UNIX machines and your Symbolics
-Yellow Pages access.
If you have Release 8 Symbolics NFS, a yellow pages lookup for a user's
encrypted password would simply be:
The only problem is the password encryption part. In Release 8.1 Symbolics
NFS will include password encryption code and it will check passwords. With
it to check a password you would do something like this:
(multiple-value-bind (encrypted-password user-unknown-p)
(and (not user-unknown-p)
(rpc::unix-crypt password encrypted-password))))
If you ask the Software Support people real nicely, they might be able to
forward you all the 8.0 Network RPC ECOS and a copy of the patch so you can
get password checking sooner.
At any rate, ACL has a password table per FS rather than `site wide'
such as YP. Also, apparently the sysadmin must set passwords rather than
2) By default (and without extra passwords) all (or most) lmfs directories
should be readable, listable.. by a regular logged in person, but not
3) on the other hand, good ole' superuser me should be able to do
anything. Ok, I'm willing to type in an extra password for that...
4) Probably other stuff I haven't thought of too.
It seems that ACL, by itself, doesn't answer the right questions; some
combination of ACL & YP would appear to fit better. Or is it better to
avoid ACL altogether? Note that I haven't even installed TCP yet,
perhaps that experience will clarify some of the issues for me.
Any help, suggestions, philosophy, and of course, code, would be very