Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

what unix, linux c/c++ to buy



Today, Jerry Callen gleaned this insight:

> > Mandrake 7.0 does include the 'rsh/rexec' software - don't know how I missed
> > it....
> 
> Not that it matters. Who'd want to enable that stuff anyway? :-)

LOTS of people.  rsh/rlogin etc. can be security risks, and even huge
ones... but they can also be huge wins for system administration.  Makes
automating stuff really easy.  In the right environment, these tools are
great.

Of course ssh is better, but it isn't without implications either.  It
comes down to a risk/reward tradeoff.  If you trust your local users (and
you MUST trust them at least to some extent) and you're fairly confident
that you're locked down from external threats (only 100% if you're not
connected to the outside by ANY means), then you may well want to take
advantage of these tools.

If you have very sensitive data and/or you can't trust your network or
local users, then you probably should steer clear of these tools... but
then you should probably also look for a new job, in order to keep stress 
from killing you before age 30 (or other unspecified short period of time 
if you're already over 30). :)

All externally connected networks are at risk. It's up to the individual
site to determine how much risk they are willing to endure in order to
improve productivity.  Being security paranoid is a good trait for your
sysadmins to have, but it isn't necessarily required in all cases.  On the
other hand, those who make the decision how paranoid to be are often not
in possession of the faculties to properly judge.  But it's ok, cuz they
can just fire the sysadmins anyway.


-- 
PGP/GPG Public key at http://cerberus.ne.mediaone.net/~derek/pubkey.txt
------------------------------------------------------
Derek D. Martin      |  Unix/Linux Geek
derekm at mediaone.net  |  derek at cerberus.ne.mediaone.net
------------------------------------------------------

-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).




BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org