Actions which constititute blatant disregard  for Laboratory computer security

Failing to properly use passwords on user and system accounts

  • Using null passwords.
  • Using trivially guessable passwords, such as name, username, "guest", "password", etc...
  • Putting passwords in "clear" text in world-readable files.
  • Using "+ +" in .rhosts, effectively world access with null passwords.

Allowing access to system or user files for unauthorized users

  • Allowing world read (or read/write) access to system or user files, outside of authorized and intended areas, through anonymous ftp, nfs export, world wide web, Windows shares, or other means.
  • Allowing world read/write access to the same directory, creating a "file drop" for unauthorized users.