[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [SAGE] Security tokens

To: Antonomasia <ant@notatla.demon.co.uk>
Subject: Re: [SAGE] Security tokens
From: Jim Hickstein <jxh@jxh.com>
Date: Mon, 20 Jan 2003 16:39:53 -0800
cc: jsellens@generalconcepts.com, sage-members@sage.org
In-Reply-To: <20030120234523.01DAD46D4@notatla.demon.co.uk>
References: <20030120234523.01DAD46D4@notatla.demon.co.uk>
Sender: owner-sage-members@usenix.org

> This doesn't handle the nuisance users who will use the one-time access
> to set up a reverse telnet or something.

Point.

Fortunately I don't have to worry too much about that.  The example I cited 
was giving temporary access to another sysadmin (a peer), so trust wasn't a 
problem.  And my run-of-the-mill users aren't going to figure out either 
end of the above gambit on their own.

And yes, certain things (like "sudo /bin/sh") are considered <i>prima 
facie</i> acts of wrongdoing, meaning that I can convince HR to take steps.

Follow-Ups:
- Re: [SAGE] Security tokens
  - From: Dave Close <dave@compata.com>

References:
- Re: [SAGE] Security tokens
  - From: ant@notatla.demon.co.uk (Antonomasia)

Prev by Date: Re: [SAGE] Security tokens
Next by Date: Re: [SAGE] Security tokens
Prev by thread: Re: [SAGE] Security tokens
Next by thread: Re: [SAGE] Security tokens
Index(es):
- Date
- Thread