[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Remailer Security

To: [email protected]
Subject: Re: Remailer Security
From: "E. ALLEN SMITH" <[email protected]>
Date: Sat, 9 Mar 1996 18:13 EDT
Cc: [email protected]
Sender: [email protected]

From: [email protected] (Jonathan Rochkind)

>Um, there's no reason why your remailer's account needs to be logged into
>interactively, is there?  Seems like remailer ops should disable login to
>remailer accounts, putting '*' into the password field in /etc/passwd, or
>however unix lets you disable login (I know it does).

	This depends on the setup at the remailer machine. If I'm operating
a remailer off of a rented account on a commercial machine, how am I going to
maintain the remailer when it crashes if I can't get into that account? This
would work to some degree if the machine in question had the remailer program
in a publically-accessible account, and all the remailer account was doing was
A. acting as a forwarding account and B. containing info like the private key
of the remailer. But it could still go wrong in a way such that you'd need to
get into the account (or have root access, which is equivalent from what I
know of the subject).
	-Allen

Prev by Date: Someone in a goverment with something close to the right idea...
Next by Date: Virtual Magistrate Project
Prev by thread: Remailer Security
Next by thread: Square pegs in round holes
Index(es):
- Date
- Thread