Re: GNU login shell

[Jeroen Dekkers]

On Mon, Mar 18, 2002 at 10:08:33AM +0100, Moritz Schulte wrote:
> nisse@lysator.liu.se (Niels M?ller) writes:
> 
> > Well, because it's a friendly thing to do?
> 
> Well, I don't think that is a good argument.  Then you could also ask
> why we care about (local) privacy at all.

Things you care about should have read permissions for others and the
users without UID.
 
> > (When I open my door for a visitor, I don't usually lock the doors
> > to rooms that the visitor isn't supposed to see, and sometimes I
> > even encourage them to look around).
> 
> Yes, true.  But the point is that you don't know wether it's a nice
> visitor or an intruder.  I also don't understand the purpose, because
> a user would surely login if he would have real work to do at the
> sytem.

The login shell is run without UIDs, it should give a security
problem. Some visitor without an account can use the system and do
real work.

> > And because the typical local user nowadays has physical access to
> > the machine, so it's usually futile to stop attacks from evil local
> > users.
> 
> True, if a user has physical access, he would be able to spy out data
> anyway.  But I think, we shouldn't have our door that open however.

You can see a lot of things easily with physical access which you
can't if you have no UIDs in the system.

Jeroen Dekkers
-- 
Jabber supporter - http://www.jabber.org Jabber ID: jdekkers@jabber.org
Debian GNU supporter - http://www.debian.org http://www.gnu.org
IRC: jeroen@openprojects

pgpiT9NlF39fs.pgp
Description: PGP signature