From: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Date: Sat, 9 Mar 1996 13:13:27 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Remailer Security
Message-ID: <ad6127500102100411d6@[132.162.233.188]>
MIME-Version: 1.0
Content-Type: text/plain


At 11:06 PM 03/04/96, lmccarth@cs.umass.edu wrote:
>Bottom line: if you can crack (say) the 8-character Unix passphrase for a
>remailer account, you have full access to the remailer's secrets and all the
>opportunities that presents. Good remailer account passphrases are
>important.

Um, there's no reason why your remailer's account needs to be logged into
interactively, is there?  Seems like remailer ops should disable login to
remailer accounts, putting '*' into the password field in /etc/passwd, or
however unix lets you disable login (I know it does).

Obviously, the general security risk of someone gaining unauthorized access
to the remailer executable or data files is still there, and important to
keep in mind.  But this would seem to be a fairly logical security measure.