|
|
| Author |
Message |
| 25 new of 123 responses total. |
ajax
|
|
response 75 of 123:
| 
Aug 31 20:55 UTC 1995 |
An arbitrary line of security has already been drawn - you can't see
any file's contents, but you can see any file's name. I think in the
continuum of security levels, the other ones you mentioned are issues,
but are of a less important nature (though mailq is close, imho). Your
argument strikes me as similar to the anti-fed arguments of "well if
they ban X, next thing you know they'll ban Y," (where maybe X=personal
nukes, Y=oxygen). Whether the line should be shifted is debatable, but
I don't think the "where does it all stop" is a strong argument for
allowing people to see file names. We consciously decide where it all
stops, just as someone or a group decided it when they made the decision
to publicly permit locate in the first place. Here's what I think would
be most people's opinions of the relative importance of security:
Allowed Disallowed
seeing seeing seeing seeing | seeing seeing changing
your your who your your | your your your
name mail mail is file | file password name
size to/from names | contents
-----------------> Increasing importance ------------->
Also, I think there's a certain expectation of privacy people familiar
with Unix systems have...that your name and mail spool size are publicly
permitted, that your file names and contents can be publicly permitted or
depermitted at the user's discretion with the "chmod" command.
|
davel
|
|
response 76 of 123:
|
Sep 1 02:55 UTC 1995 |
I agree that the expectation of privacy given the nature of Unix is one
important criterion. My initial reaction (that we might have a serious
problem here) was due to the apparent violation of security - if locate
allows nonpermitted dirs to be read, is there a way to read nonpermitted
files? Once the explanation was made, I'm a lot less worried - but
still not really happy. The presumption that if you depermit a dir
then random users can't see the filenames is a pretty basic one, & not
to be tossed away lightly. For example, whenever we get news up, I
don't personally care who knows what newsgroups I might read, but some
people might - and the default names trn, at least, used for postings
saved out to files were the newsgroup names.
|
rcurl
|
|
response 77 of 123:
|
Sep 1 05:22 UTC 1995 |
I have a 711 www directory, because I want to fiddle with .html files
privately, and let a few others read them by giving them the filenames.
If the filenames can be read, the files could be read by those for
whom I consider it "none of their business". Others may have other
reasons for wishing to have readable files in unreadable directories.
Therefore I do not want "locate" to display files in 711 directories.
|
popcorn
|
|
response 78 of 123:
|
Sep 1 12:03 UTC 1995 |
This response has been erased.
|
steve
|
|
response 79 of 123:
|
Sep 5 19:41 UTC 1995 |
Well said Rob. I'm not going to strongly argue that everything
be open, because I know deep down that it would be impossible to
do this. The question remains however, what to do with locate.
Since I will bet that at least half of all usage of locate is
by staff people for various reasons, the simplest thing to do, which
might not negatively impact all that many people would be so
simply depermit the use of locate.
What would people think of that? I don't see any reasonable
way to seperate out the partitions in locate, unless we have two
databases, one of all the systems stuff and one of /home and /var
(the latter to hide mail mqeue and spool information).
|
ajax
|
|
response 80 of 123:
|
Sep 5 20:34 UTC 1995 |
Personally, I like using locate to find system files, but I guess on
the whole, I think depermitting locate is better than keeping it the
way it is.
If we did have two databases, I believe the locate database can be
updated with rights from a particular user, to separate root-readable
from JoeUser-readable directories.
|
lilmo
|
|
response 81 of 123:
|
Sep 5 21:23 UTC 1995 |
I think having a "nobody-generated" list updated once a week, and the
"root-generated" list updated nightly solution works best.
|
scg
|
|
response 82 of 123:
|
Sep 6 04:18 UTC 1995 |
I use locate occasionally, but probably wouldn't miss it that much.
|
popcorn
|
|
response 83 of 123:
|
Sep 6 17:36 UTC 1995 |
This response has been erased.
|
tsty
|
|
response 84 of 123:
|
Sep 7 09:11 UTC 1995 |
heh - how timely - i *just* had a help-chat with a woman who had
telnetted in who wanted to know how to keep her real name "undisclosed"
in both /etc/passwd and in .plan. Further (!) she did not want anyone
to know from where she was telnettting.
The former is a changeable thing, the latter, ummmm, is not.
Oh, and her .plan is permed 600, as one would suspect.
|
steve
|
|
response 85 of 123:
|
Sep 7 17:09 UTC 1995 |
She should not be using Grex.
|
tsty
|
|
response 86 of 123:
|
Sep 7 17:49 UTC 1995 |
Let us then, agree to disagree by 180 degrees, she +needs+ Grex, imo.
|
rcurl
|
|
response 87 of 123:
|
Sep 7 21:28 UTC 1995 |
I'd like to know how she is using Grex before thinking of passing any
judgement. Anonymous people can make significant contributions. But
some friendliness is also nice, and anonymity without real cause is
on the unfriendly side.
|
steve
|
|
response 88 of 123:
|
Sep 8 04:05 UTC 1995 |
What I meant in #85 wsa that if this person is so concerned
with privacy that she doesn't want people to know where she is
telnetting from, she shouldn't be using the Internet, and
espically not an open system such as Grex.
In order to comply with her wishes, we'd either have to
block off most of UNIX from users (and offer only the hamstrung
services that most Freenets do), or heavily modify parts of
the op system/programs to hide this information.
Either way, it isn't a reasonable thing to do.
I am becomming really concerned with "privacy" issues like
this--I see this as a clearly related topic to the "fear of
open spaces" item in Agora right now. Only this topic could
be called "the fear of open cyberspace" and I'm getting pretty
sick of it. And I don't mean to imply that my disgust is becasue
of queries like this on Grex--I'm seeing it in a lot of other
places on the net.
I can't change other places in cyberspace, but I can I hope
have some influence here, and make the attempt to keep Grex an
open space in cyberspace. Those who desire ultra levels of
privacy shouldn't use Grex, in my opinion. Grex can and always
should keep mail private, and personal files as secure as the
buglevels in the operating system will let us, but Grex was
founded on the principals of *communications*, and as such,
I want to make a place that offers as much as we can to those
willing to communicate. Nothing could make me feel worse than
a Grex "community" of people who all have closed .plan filea
and do not use Grex to commune among themselves.
|
rcurl
|
|
response 89 of 123:
|
Sep 8 05:47 UTC 1995 |
I respect your opinion, to which you are entitled. However, how do
you propose to implement it? If this is an "open access" system, then
it is (almost by definition) open to closed people. I think this
should be looked at statistically. You can have a lot of influence
on how people behave here, but you cannot *control* how they all
behave (in all respects), and therefore there will be a distribution
of the level of secrecy desired by users for different things. Now
the question is, if you favor a weighting of the distribution toward
the open/friendly side, what actions should you take personally to
encourage that? I don't think that "disgust" is a useful point of
departure.
|
steve
|
|
response 90 of 123:
|
Sep 8 13:14 UTC 1995 |
I propose to keep things the way they are, and to encourage
people to keep open .plan files.
We need to make some changes to newuser, as Rob pointed out
some time ago. Things like make the ability to keep the important
personal information out of the .plan, while encouraging the
inclusion of other information.
You are absolutely right that we can't control it. ("Damnit!
Expose yourself--this is an OPEN system!"--no, that doesn't
work). But, we can guide people through the process and set
up the tone of the place from the users fisr exposure to Grex,
namely the woording in newuser.
Perhaps I didn't state it well enough; my disgust over the
closing of once freely given information in cyberspace has only
a little to do with Grex directly, but rather the feelings at
large with regard to this. But we can do something about one
little place in cyberspace, namely this system.
Will we have those who immediately shut down perms on their
home directories and have nothing to do with the community at
large? Sure. That I know of, we had such a person on the system
the second day Grex was open to the public. It's a fact of
life.
But I hope that we can tailor the wording of the system such
that we present as friendly an appearance as possible, and one
that encourages people to think about things before shutting
access down "because its the safe thing to do(--right?)".
How do others feel about this?
|
ajax
|
|
response 91 of 123:
|
Sep 8 13:33 UTC 1995 |
I generally agree with "keep things the way they are," but not exactly as
they are; I think occasional tweaks here and there are worth considering.
|
rcurl
|
|
response 92 of 123:
|
Sep 8 17:04 UTC 1995 |
I agree with STeve that newsuser could be better written to gently
influence the newcomer to enter a minimum of information in an open
.plan, in the name of community spirit (but not stated that way!). I
am not sure how to do it - who are our most diplomatic and persuasive
people, who could concoct some amendments to newuser to implement this
approach?
|
tsty
|
|
response 93 of 123:
|
Sep 9 08:53 UTC 1995 |
well, as far as the source of the telnet being masked - just forget it.
That's almost (but blunter) what I told her. As far as "fear of
wide open spaces," happens to "city folk" all the time - tough.
I was somewhat "taken" by the "wallpaper" nature of this person - but,
hey - "wallpaper folk" ARE on this system - and, imo, making an attempt
to "come out" from that wallpaper. And there are/were "wallpaper"
perns on the other b0x too - some I know of, for several years and
various incantations of login. When these sorts of experiments/experiences
were made known to me ......i was flabbergasted!!!
'Cause their most recent login-incantation was NOT SHY (anymore). In
one particular case ... the pseudo(s) were in use for over FOUR years!
That's part of what led to my "she +needs+ Grex" in #86.
Every request under the Sun (did i type that???) does not, by its
nature, demand satisfaction. Not even under BSDI ..... (groan).(oh, well)
I fully support STeve's focus of "keeping things open," and sincerely
hope that a few well placed "no's" will keep more people than it
will turn away. If it does, that's fine; if it doesn't, that, too,
is fine.
As far as .plan files, (and a recnet event) what is the reasonableness
of having them permed (primarily) 640?
Further, what is the distinction/comparison (dummy here) between
having either/or/both a .plan and a .project file? (or is that for
another itme?)
Also, I'm not particularily persuaded by #92 or earlier comments
that newuser could/should necessarily be "more gentle." With the
most recent "buy me" pitch from AOL ("I can even send email on
the Internet!") (gag!), "more gentle" already exists ..... for a
terrible price, not to be duplicated/mimiced/imitated here, imo.
|
popcorn
|
|
response 94 of 123:
|
Sep 9 12:49 UTC 1995 |
This response has been erased.
|
steve
|
|
response 95 of 123:
|
Sep 9 13:06 UTC 1995 |
640 is going to let everyone in the persons group read the file,
which on Grex is just about the same thing as world readable.
The newuser text needs to be updated and to better explain
privacy issues, I think.
|
rcurl
|
|
response 96 of 123:
|
Sep 10 08:09 UTC 1995 |
I did not suggest that newuser be "more gentle", but that it "gently
*influence* the newcomer" (emphasis added). I'm interested in the result,
not the process.
|
popcorn
|
|
response 97 of 123:
|
Sep 10 14:59 UTC 1995 |
This response has been erased.
|
lilmo
|
|
response 98 of 123:
|
Sep 12 01:53 UTC 1995 |
What happened to the "locate" drift discussion? solution implemented?
ignored? other solution implemented?
Has there been a resolution to the concerns for which this item was begun in
the first place? Or was airing of the concerns all that was desired?
|
rcurl
|
|
response 99 of 123:
|
Sep 12 05:14 UTC 1995 |
Airing is what grexers are best at. I did not see comment coalesce toward
any particular course of action, perhaps because not enough users see a
problem. The philosophy is "wait until there is a problem". Well, we all
do that, in part because the correction of an as yet undemonstrated
problem is not always obvious. Of course, a specific proposal could be
offered for a vote, but I'm not inclined to do so in the face of general
indifference to the issue.
|
