Subject: Re: Removing dm(1)
To: Jon Ribbens <email@example.com>
From: Cy Schubert - ITSD Open Systems Group <firstname.lastname@example.org>
Date: 11/21/1997 07:05:52
Jason Thorpe <email@example.com> wrote:
> > Ah, thank you. I was hoping this is what you'd tell me. Basically,
> > now I can give you an example of significant functionality that
> > dm(8) provides...
> > Curt: I suggest you edit /etc/dm.conf to disallow games that spawn pagers
> > until this issue is dealt with. :-)
> This isn't good enough. All the games are riddled with sprintfs and
> strcats and suchlike.
This is why one should not install games on a production server, or at least
file off any setuid and possibly even setgid bits. In the big picture, games
are not really worth the time and effort.
An alternative is to only include the games in the source distribution, not in
any binary distribution. Make sure that the sysadmin understands the risks of
installing games and have her acknowledge this during install via a prompt
from the Makefile or by having her set an environment variable that
acknowledges this. Then if a sysadmin installs any games and those games are
used to compromise any user's account, then its the sysadmin's own damn fault
for installing games on a mission critical server.
> \ // Jon Ribbens // 100MB virtual-hosted // www.oaktree.co.uk
> \// firstname.lastname@example.org // web space for 99UKP //
Regards, Phone: (250)387-8437
Cy Schubert Fax: (250)387-5766
UNIX Support OV/VM: BCSC02(CSCHUBER)
ITSD BITNET: CSCHUBER@BCSC02.BITNET
Government of BC Internet: email@example.com
"Quit spooling around, JES do it."