[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-security] user name = user

Subject: RE: [cobalt-security] user name = user
From: Carrie Bartkowiak <ravencarrie@xxxxxxxx>
Date: Tue, 24 Jul 2001 01:18:58 -0400
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

On Mon, 23 Jul 2001 15:35:38 +0100, Malcolm Wild mumbled something 
like:
>>in a paranoid world your right you wouldn't want the user to have
>>the
>>username publicly display anywhere but fixing this patch doesn't
>>stop all
>>the other holes
>>

Malcom,
I believe that he meant that his client had literally created a user 
named "user" - he wasn't saying that as a generic like johndoe or 
domain.com.

I'd delete the account and make the client choose something else. 
BTW, you can "reserve" usernames by setting up accounts with those 
names yourself (sales, info, webmaster...)
--
CarrieB
"The computer can't tell you the emotional story.  It can give you 
the exact mathematical design, but what's missing is the eyebrows." 
--Frank Zappa

References:
- RE: [cobalt-security] user name = user
  - From: Malcolm Wild
- [cobalt-security] user name = user
  - From: Kai Schantz, Euroweb

Prev by Date: Re: [cobalt-security] Using a separate machine for firewalling.
Next by Date: Re: [cobalt-security] Using a separate machine for firewalling.
Previous by thread: Re: [cobalt-security] user name = user
Next by thread: [cobalt-security] Fw: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index