Hi folks! I just had an idea the other, er..., night, that still seemed smart when I woke up, so I figured I'll post it here in case it is... :-)
The problem with e.g. telnet isn't really that it shouldn't be used for anything, but that it shouldn't be used by somebody. It is quite OK to use to check what the webserver responds to a particular request, for example. But, you wouldn't want ma to use it and send her password in cleartext. What I did was that I changed group ownership of /usr/bin/telnet.netkit to staff and made it executable for only root and staff. I figured, something like that could harden-clients do too, configurable through standard means. That way, people with correct privileges could still use telnet for sensible things, yet the admin would be warned if they did something very careless with other packages. Clever? :-) (I'm not currently subscribed to this list, please keep me on the CC) Best, Kjetil -- Kjetil Kjernsmo Astrophysicist/IT Consultant/Skeptic/Ski-orienteer/Orienteer/Mountaineer [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] Homepage: http://www.kjetil.kjernsmo.net/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
