Subject: Re: Removing dm(1)
To: Scott Reynolds <scottr@plexus.com>
From: Curt Sampson <cjs@portal.ca>
List: netbsd-users
Date: 11/18/1997 14:11:35
On Tue, 18 Nov 1997, Scott Reynolds wrote:
> > I think I've addressed the argument that dm provides any significant
> > functionality.
>
> What you've done is asserted that it doesn't provide significant
> functionality, which is not the same thing. As I've already mentioned to
> you, this does nothing to validate your argument for removing it.
Perhaps I need to summarise my argument in a different way. Why
don't you tell me which points in particular you disagree with.
1. The binaries of the games are easily available, and can be
downloaded and run by normal users.
2. Therefore, on any system with Interenet access, dm will not
fulfil its role of stopping people from playing games.
3. Since it's also dead easy to uuencode and e-mail binaries, on
any system that exchanges usenet e-mail, dm will not fulfil its
role of stopping people from playing games.
4. dm is only useful on systems with multiple users; on a personal
workstation with only one user, obviously the user can get around
dm, since he set it up in the first place.
This doesn't leave a whole lot of machines out there on which dm
is useful, does it?
So what do we gain by removing it?
1. We need do less program validation, since stop running several
executables suid. It saves us work.
2. Not running programs suid is a good thing in general, as far as
security goes. The fact that someone out there may have stopped
another person from playing fish during certain hours is small
comfort to those of us whose accounts have been open to being taken
over by others for several years now. And yes, you think that with
your changes it's secure now. But that's just what whoever created
dm in the first place thought.
cjs
Curt Sampson cjs@portal.ca Info at http://www.portal.ca/
Internet Portal Services, Inc. Through infinite myst, software reverberates
Vancouver, BC (604) 257-9400 In code possess'd of invisible folly.