Newsgroups: comp.sys.3b1
Path: utzoo!utgpu!cunews!micor!latour!ecicrl!clewis
From: clewis@ferret.ocunix.on.ca (Chris Lewis)
Subject: Re: COPS security audit and the unix pc.
Message-ID: <1991Apr03.201928.5950@ferret.ocunix.on.ca>
Date: Wed, 03 Apr 91 20:19:28 GMT
References: <1991Mar23.004007.2024@shibaya.lonestar.org> <1991Mar26.225255.6048@ferret.ocunix.on.ca> <1991Mar28.035200.725@ceilidh.beartrack.com>
Organization: Elegant Communications Inc, Ottawa, Canada

In article <1991Mar28.035200.725@ceilidh.beartrack.com> dnichols@ceilidh.beartrack.com (DoN Nichols) writes:
>In article <1991Mar26.225255.6048@ferret.ocunix.on.ca> clewis@ferret.ocunix.on.ca (Chris Lewis) writes:
>>In article <1991Mar23.004007.2024@shibaya.lonestar.org> afc@shibaya.lonestar.org (Augustine Cano) writes:

>	Is it tolerable to run B-news on the 3b1?  I am getting just a
>partial feed, and even with C-news it can take over an hour to digest a
>large day's shipment, like today's.

Depends on what you mean by "partial feed".  If your C-news takes over an
hour to unpack even a full feed, something's busted.  Are you using dbz?
My 3b1 with B-news probably takes about 10-15 minutes per day to unpack my
entire feed - perhaps about 1Mb compressed daily. On the other hand, C-news
could do the whole thing in under a minute.  I maintain both types of news systems,
so I have a pretty good idea of how both behave.

>>The real solution is to fix Kermit.  Or use HDB (where the lock directory
>>can be made world writable but not everything else)

>	Except that the HDB version from THE STORE made the lockfiles live
>in the same old place, to keep compatability with other stuff in the
>machine. :-(

Sigh.... Making Kermit run setuid (fixing some of the security holes that
may open) is a better solution.

>>Depends on how paranoid you are.

>	I don't like leaving a roadmap with a nice heavy guideline for
>potential troublemakers/trojan_horse_builders, even though one cannot
>directly dial into this system.

That's what I meant.

>	Can YOUR computer enjoy a safe sleep? :-)

Pretty well.  I don't let other people log into it and I'm running other
software to confirm and maintain security and detect security breaches.
-- 
Chris Lewis,
clewis@ferret.ocunix.on.ca or ...uunet!mitel!cunews!latour!ecicrl!clewis
Psroff support: psroff-request@eci386.uucp, or call 613-832-0541 (Canada)
**** somebody's mailer is appending .bitnet to my From: address.  If you
see this, please use the address in the signature, and send me a copy
of the headers of the mail message with the .bitnet return address.  Thanks!
