Blatant Disregard

 

Actions which constititute blatant disregard  for Laboratory computer security

Failing to properly use passwords on user and system accounts

• Using null passwords.
• Using trivially guessable passwords, such as name, username, "guest", "password", etc...
• Putting passwords in "clear" text in world-readable files.
• Using "+ +" in .rhosts, effectively world access with null passwords.

Allowing access to system or user files for unauthorized users

• Allowing world read (or read/write) access to system or user files, outside of authorized and intended areas, through anonymous ftp, nfs export, world wide web, Windows shares, or other means.
• Allowing world read/write access to the same directory, creating a "file drop" for unauthorized users.