From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-0.8 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,RCVD_IN_DNSWL_NONE autolearn=ham autolearn_force=no version=3.4.2 Received: from minnie.tuhs.org (minnie.tuhs.org [45.79.103.53]) by inbox.vuxu.org (OpenSMTPD) with ESMTP id a6eca5cf for ; Fri, 11 Oct 2019 11:09:53 +0000 (UTC) Received: by minnie.tuhs.org (Postfix, from userid 112) id 8F5469B8CA; Fri, 11 Oct 2019 21:09:52 +1000 (AEST) Received: from minnie.tuhs.org (localhost [127.0.0.1]) by minnie.tuhs.org (Postfix) with ESMTP id D3FF193DBB; Fri, 11 Oct 2019 21:09:35 +1000 (AEST) Authentication-Results: minnie.tuhs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="WnSP5/D6"; dkim-atps=neutral Received: by minnie.tuhs.org (Postfix, from userid 112) id 4AE5C93DBB; Fri, 11 Oct 2019 21:09:33 +1000 (AEST) Received: from mail-yb1-f180.google.com (mail-yb1-f180.google.com [209.85.219.180]) by minnie.tuhs.org (Postfix) with ESMTPS id AFC6893D28 for ; Fri, 11 Oct 2019 21:09:32 +1000 (AEST) Received: by mail-yb1-f180.google.com with SMTP id z125so2969676ybc.4 for ; Fri, 11 Oct 2019 04:09:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-transfer-encoding:content-language; bh=lfsDznWYPpU1pbjAvJMlrvg0WToSjA2uW5vTTwdSI+g=; b=WnSP5/D6hEvmDakO+y0nTPBVb/JCAKX7PNWt49KOXIN6sLg/Gpy9gMweHUFb+BNpTq FkFdfdyt1BWSc+L4pYxaDuyg/16Y1JWW5GHqzCZyPtFnr+buBt+iVZjYkdxsoA57pCwu unuyejM3ybIP6/OUP8R8VPMpA8nojI/TL8GAmJsG53T95lTzjAp+4NJaNFna5HnOTSNU 7RLY+wOOWd27e7E8zkSrHqaVI2qVwQr/TPVmsXp0/fRVj1I5oDOnZ+CAB5HPi0kGgORS 81W3c8w23xyECxcl8Un/Sh10ZIlcRYg5lWQTlCk/Ob2Xd0Sd1iJrloOtGv7dL/jOdyPf lpQQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=lfsDznWYPpU1pbjAvJMlrvg0WToSjA2uW5vTTwdSI+g=; b=U2+hLZhUkL9YMsql23uTNNwLveBwo0OnfJT0/ZJpyebB6iOoU881f85f0qG8kbpJPP FTDx6dKqzr0lOzUy2d0hHRoj0HnRN1KTQcfkTreWRT+7AMICTBsvYyhXNWgg4wqCPGxe 6XQd45+kO9/Ze8K4DUmCX66HTAyLMJWjJKKxz+GR2v80BzdcaxXdFAbuIN25i7cyz1WC enPwtXfOsiVY0Y7/DfGMtboW/bml25mceFrb610wUUkOMS6x48Ew12xMj2BK+H4Y8mj/ TjUOQlF/1RSQQ8BIn0qMCBuAVUL1awYR7Mmf1zOsci0W0F35lGEX4gvusySZjPjj/dD4 H+og== X-Gm-Message-State: APjAAAVg3RLDWrQsH9S9NSuT1sdk7p2MjDzdg25g6feJbEV97o4PKW0/ w7/LOvMry0OGAWDmJzg7+tJpigRowm4= X-Google-Smtp-Source: APXvYqy2mMGI/3PdJ7pcxIWpr9bS7Nn04Yhk4Vr+xEpaorLSues/yas5apgs5lbcC/pikn9XAL8d1Q== X-Received: by 2002:a25:7909:: with SMTP id u9mr10280283ybc.33.1570792171071; Fri, 11 Oct 2019 04:09:31 -0700 (PDT) Received: from [192.168.130.207] (pool-96-242-232-93.nwrknj.fios.verizon.net. [96.242.232.93]) by smtp.gmail.com with ESMTPSA id v40sm2018174ywh.109.2019.10.11.04.09.30 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 11 Oct 2019 04:09:30 -0700 (PDT) To: tuhs@minnie.tuhs.org References: <1570559927.29337.for-standards-violators@oclsc.org> <2e6e1005-3bbf-5dcc-3fcc-099864c752dc@kilonet.net> <8088e5bd-3530-d3e1-8066-db6ea9389dea@kilonet.net> From: William Pechter Message-ID: <2e0412a9-ba41-6c70-9a42-3a1da710823d@gmail.com> Date: Fri, 11 Oct 2019 07:09:35 -0400 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.1.2 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US Subject: Re: [TUHS] Recovered /etc/passwd files X-BeenThere: tuhs@minnie.tuhs.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: The Unix Heritage Society mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: tuhs-bounces@minnie.tuhs.org Sender: "TUHS" On 10/11/2019 2:24 AM, Dave Horsfall wrote: > On Thu, 10 Oct 2019, Nemo wrote: > >> Some (large) companies regularly run password crackers on their >> employees' passwords and inform them if their passwords are found >> "insufficiently strong to protect company assets". > > An ex-employer of mine (not the reason I left) used to do just that. > >> Good, bad, distasteful, prudent, off-topic? > > Depends :-) > > -- Dave And when I was an instructor and sysadmin at Pyramid, I caught a co-worker with a SUID ksh binary named  "..."  "hidden under his home directory in a directory named "..." because su took too long.  Yeah and su had logging.  Thank you COPS.  Not that I distrusted him -- but when you share sysadmin duties there are things thatshouldn't be done. Bill