response 50 of 164:

Aug 2 03:27 UTC 1997

I'm not interested in the issue of circumvention, since I think
the whole proposal is a bad idea to begin with.

response 52 of 164:

Aug 2 04:42 UTC 1997

Staff sees a steady progression of "root kits" being imported onto grex,
and run without success.  These "root kits" are basically packaged up
tools that computer vandals use to try to break into computers.  They
don't work on grex, but it's quite clear that there is a significant
number of people out there who would very much like to "circumvent"
every limit possible on grex.  (Although these people are a constant
reminder of the importance of proper computer security, they amount to <
1% of all users on grex.)

The "root kit" vandals are actually not usually very scary, because they
aren't (usually) very interested in grex.  Grex is, to them, just
another SunOS system with another password database; if they can't break
in easily, they'll usually leave quite quickly for better pickings
elsewhere.  We've had other people on grex who have exploited various
other "limits" in more interesting ways.  For instance, "party" is of
course quite popular, and some of the more frequent users have found
various holes in party that allowed them to perform various kinds of
mischief.  After a bit, of course, the problem becomes well-known, and
Jan fixes it.  You'll have to ask Jan for more details; I remember only
that it happened.

Another sort of "limit" has to do with login.  Once upon a time, you
could run "/bin/login", even after you logged in.  It would (of course)
log you in over again, & change the entry in wtmp.  It wouldn't,
however, log you out.  You would be on both as the "new" person (in the
process that had just exec'd login), and as the "old" person (in the
parent process.) At one point, "newuser" depended on this feature of
"login", and it was also sometimes used by people to allow someone else
to temporarily login (for security reasons, we had to disable "su"...)
But it was also possible to login as a "fake" user, such as "who", or
"newuser", then log out (as the "new" person), leaving the original
login session (the "old" person) active, but with the wtmp record of the
"new" person listed in "who".  People learned to do this and the news
spread fairly rapidly in a certain crowd of users, who dubbed this
procedure "cloaking".  While it didn't pose any real security nuisance
(we could still look at process accounting logs, the output of "ps", and
even the wtmp log to figure out that this had happened) it was still a
nuisance.  Eventually, as other changes were made to telnetd, newuser, &
login, the need and support for this "feature" was eliminated, and it is
no longer a problem today.

One of the current problems that faces grex is that of mailing lists.
There are plenty of people on the internet who want to find a home for
their mailing lists.  Mailing lists pose a particular problem, because
the people on the list don't care if the mail server takes a few hours
to deliver their mail.  Grex definitely doesn't have the resources to
act as a mail server.  Even though we try to make this pretty clear up
front, some people ignore this.  Most of those people do give up once we
make it clear mailing lists really aren't tolerated here, but a few
people are more persistant.  Some of those people are getting more
creative about how they store their mailing list.

To summarize: yes, there is a small fraction of people on grex, who will
try to circumvent limits on their use of grex.  Most of those people are
pretty stupid, but a few are pretty smart.  It only takes one smart one
to tell all his friends, to become a pretty big problem.

I don't think there's much reason to get hung up about the exact
definition of what "reasonable needs of most of our users" is.  The
important thing is, most people seem to agree that internet e-mail
access is a good service to offer everyone.  Only a few people seem to
be bothered by the notion that they might be paying for "other people"
to have "free e-mail".  If this were a commercial service, that might be
a legitimate gripe.  I don't think it's legitimate here however.  One of
the things your grex dollar buys you, is the ability to support a
community of many different kinds of people, doing many different
things.  Inevitably, not all of those things are going to be things you
are interested in.  There may be conferences, or even whole applications
you don't particularly care for.  As long as you value that diversity,
however, it should still be worthwhile for you to donate.  I don't think
anyone here is arguing grex should become *just* an e-mail system.  I do
think it's pretty obvious however, that there are plenty of people who
believe that e-mail is an important *part* of computer conferencing, and
that this *includes* e-mail off-site, as well as on-site.

response 54 of 164:

Aug 2 16:05 UTC 1997

The reason I entered #0 is that the "free e-mailer to the world"
function is overwhelming the other functions.  

response 56 of 164:

Aug 2 16:53 UTC 1997

Grex does have a disk quota of 1 MB.  It's an honor system thing.  However,
turning on software enforced disk quotas would cause a lot of overhead that
would slow Grex down a lot.

response 58 of 164:

Aug 3 03:12 UTC 1997

(I think this should be linked to agora)

response 60 of 164:

Aug 3 16:35 UTC 1997

nether is bigger than grex?

response 62 of 164:

Aug 3 22:49 UTC 1997

Re 59 - Given how much unsolicited commercial e-mail I've been
getting lately, a mail quota would be a BAD plan.  I'd be about
ready to kill someone if a message from my girlfriend was deleted
because someone had sent me important information about making
money on the Internet.

response 64 of 164:

Aug 4 13:20 UTC 1997

My mom is one of those free E-mail parasites who could easily pay for E-mail
but doesn't.  She sends and recieves maybe two or three messages a month, all
to my younger brother in Madison.  So how much should she be paying for her
two E-mails a month?

I think giving away free E-mail to people is a good thing and we shouldn't
stop.

I also think setting up a separate mail machine is no more difficult than
implementing this proposal, and is a more sensible approach to the problem.

response 66 of 164:

Aug 4 18:20 UTC 1997

(I've asked that this be linked to Agora; no response yet.)

response 68 of 164:

Aug 4 21:39 UTC 1997

There's Marcus being elitist again...the point of coop is to have a place
to discuss these things but hasnt it always been the idea that if linking
something someplace can broaden the discussion measurably, that it is a
reasonable thing to ?  For many coop items, there arent enough people who
dont read coop who really care about it, B ut I think this is a case where
plenty of folks would have oan opinoin.  If Marcus doesnt want to hear
these opinoins outside of coop, that is an elitist attitude to me.

response 70 of 164:

Aug 5 00:11 UTC 1997

Really, it's all a question of what we want grex to be about.

If we want grex to be full of nothing but in your face politicking,
major dramas about the imaginary crimes of some luckless newcomer, and
imminent disater threatened or averted, then by all means, we ought to
fold co-op & agora together, and do it all in one place.  If we want
grex to be about *other* things, and we want to keep administrative
stuff down to the practical minimum, then pushing all that stuff into a
separate cf, all its own, is just exactly what we should want.

response 72 of 164:

Aug 5 00:26 UTC 1997

Pointer would be good.

response 74 of 164:

Aug 5 05:47 UTC 1997

Well, the folks just reading Pets will miss it too, Richard. How about
linking everything to all conferences, so nobody will be left out?