[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

A Bug in Logging in to Secure Servers?

    Date: Wed, 8 Nov 89 14:00 CST
    From: William D. Gooch <ai.gooch@MCC.COM>

    I don't know for sure, but I would think that this is the desired
    behavior, since Symbolics ACLs are good for protection from network
    access only, and it's documented that anyone logged into a file server
    can access anything in its file system.  Hence, allowing remote login
    onto a "secure" server would effectively render ACLs useless.

I don't believe that "remote logins" are actually being used. The file
server contains the lispm-init and personal files of many people who often
sit at these other consoles (Symbolics). It is when the attempt to login
(read lispm-init file from server) that they are prompted for passwords,
etc. Hence, they are not logging in to the server, but just using the
server's LMFS.

					- David Mittman