Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
Today, Jerry Callen gleaned this insight: > > Mandrake 7.0 does include the 'rsh/rexec' software - don't know how I missed > > it.... > > Not that it matters. Who'd want to enable that stuff anyway? :-) LOTS of people. rsh/rlogin etc. can be security risks, and even huge ones... but they can also be huge wins for system administration. Makes automating stuff really easy. In the right environment, these tools are great. Of course ssh is better, but it isn't without implications either. It comes down to a risk/reward tradeoff. If you trust your local users (and you MUST trust them at least to some extent) and you're fairly confident that you're locked down from external threats (only 100% if you're not connected to the outside by ANY means), then you may well want to take advantage of these tools. If you have very sensitive data and/or you can't trust your network or local users, then you probably should steer clear of these tools... but then you should probably also look for a new job, in order to keep stress from killing you before age 30 (or other unspecified short period of time if you're already over 30). :) All externally connected networks are at risk. It's up to the individual site to determine how much risk they are willing to endure in order to improve productivity. Being security paranoid is a good trait for your sysadmins to have, but it isn't necessarily required in all cases. On the other hand, those who make the decision how paranoid to be are often not in possession of the faculties to properly judge. But it's ok, cuz they can just fire the sysadmins anyway. -- PGP/GPG Public key at http://cerberus.ne.mediaone.net/~derek/pubkey.txt ------------------------------------------------------ Derek D. Martin | Unix/Linux Geek derekm at mediaone.net | derek at cerberus.ne.mediaone.net ------------------------------------------------------ - Subcription/unsubscription/info requests: send e-mail with "subscribe", "unsubscribe", or "info" on the first line of the message body to discuss-request at blu.org (Subject line is ignored).
BLU is a member of BostonUserGroups | |
We also thank MIT for the use of their facilities. |