NASA's OIG

Jeffrey C. Hunt (jhunt@eagle1.eaglenet.com)
Wed, 30 Aug 1995 21:28:58 -0400 (EDT)

     Joe Dellinger's assessment is, I believe, (unfortunately)
correct.  My understanding of how OIG's method of allowing an
individual to download a file from OIG to his access provider's
account is also correct.  That is what has to be done to transfer
a file from OIG.  What does the access provider tell you when you
open an account, " Don't give out your password!"
Duuh - will someone please take this 2X4 out of my skull and not
give it back to Mr. Dellinger.  Here's a case of my not thinking
an action through because a "government system" says this is what
they need to allow me to transfer a file.  Since everyone has to
do it, why not myself?  Well, I've plugged one hole and I changed
my password.  Next, I will send a message to my access provider
and let him evaluate my actions.  I would like to hear from him
(I'm sure I will) if he thinks this is a security breach to his
system.  I know it is to my files.  However, I use a shell account
and only five megs belong to me and there's nothing on there I
wouldn't want some one to see.  As to the rest of the 3 gigabytes,
I can't say, but my administrator may be rolling his eyes to the
back of his head when he reads this.
     If someone else has a better understanding
of the OIG process please butt in, NOW!  There has to be other
users on this list out there (or are they too busy changing their
password).
     My first reaction to Joe's post was yes, he IS paranoid, but
it sounds like he has been there before.  You can have your 2X4
back now, Joe.  Jeff <jhunt@eaglenet1.eaglenet.com>