informis
/
textfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
textfiles/hacking/POLICIES/michstu

283 lines
12 KiB
Plaintext
Raw Normal View History

Initial commit
2021-04-15 11:31:59 -07:00
In response to the request for site-specific policies and procedures,
here is the first draft of a policy that we are putting in place here.
This policy has not yet been approved by the dean, the head of academic
computing, the provost, or the university lawyers, so I expect there will
be a number of changes before it is actually enacted and distributed. It
should be a useful starting point for others embarking on the same process.
---------------------------------------------------------------------------
College of Engineering Computer Use Policy
John Lees, Manager
Systems and Network Software Services
A. H. Case Center for CAE/M
College of Engineering, Michigan State University
112 Engineering Building, East Lansing, MI 48824-1226
lees@egr.msu.edu, lees@msuegr.bitnet, CompuServe 74106,1324
ABSTRACT
This DRAFT Computer Use Policy applies specifi-
cally to the facilities in the College of Engineering
operated by the Case Center for use by all College of
Engineering students, faculty, and staff. Facilities
within the College operated by individual departments
or research groups may have more stringent use poli-
cies. This policy was drafted by the Ethics Subcommit-
tee of the Case Center Advisory Committee during the
1989/90 academic year. The members of the Committee
were: Dr. Erik Goodman, Dr. Robert Barr, John Lees,
Fred Hall, Steve Southward, and William Su.
A person in violation of this policy may be subject to adminis-
trative action, with a penalty of a fine, restitution for ser-
vices used, or loss of computer privileges. Some actions covered
by this policy are also covered by University regulations or
all-University policies, the violation of which could lead to
academic judicial proceedings. Some actions covered by this pol-
icy are also covered by City, State, or Federal law, the viola-
tion of which could lead to civil or criminal prosecution.
For the purposes of this policy, a user is any person consuming
computer resources; a staff member is a person acting in an offi-
cial capacity as a staff member. The same person may be a staff
member during part of the day and a user during other parts of
the day.
The terminology used in this policy tends to reflect the UNIX
operating system, which is used on the majority of computers in
the College of Engineering, but is intended to apply to all
operating systems in use in the College.
1. User Responsibilities
A user of College of Engineering computer facilities should obey
the following general guidelines.
1.1 Files owned by individual users or staff members are to be
considered as private, whether or not they are accessible by
other users.
1.1.1 That you can read a file does not mean that you may
read a file. Files belonging to individuals are to be
considered private property.
1.1.2 Under no circumstances should you alter a file that
does not belong to you. The ability to alter a file
does not give you the right to alter a file.
1.1.3 The United States Government [citation needed]
includes electronic mail (email) in the same category
as messages delivered by the United States Postal Ser-
vice. This means that tampering with email, interfer-
ing with the delivery of email, and the use of email
for criminal purposes may be felony offenses.
1.2 Many resources, such as file space, CPU cycles, printer
queues, batch queues, login sessions, and software licenses,
are shared by all users. No user should monopolize these
shared resources.
1.2.1 Use as little file space as practical, making use of
available means for compressing and archiving files.
1.2.2 Terminate all "background" jobs before logging out.
Long running, non-interactive jobs should be run in
batch queues (if available).
1.2.3 Read and follow the posted policies on printer use.
1.2.4 Make appropriate use of batch queues and job priori-
ties. Do not load the system in such a way that oth-
ers cannot perform useful work.
1.2.5 Do not tie up resources with multiple, unused login
sessions.
1.2.6 Relinquish licensed software, such as FrameMaker, when
you no longer are using the license.
1.2.7 Respect the resources of workstations located in pub-
lic labs. Do not login to such a workstation and run
jobs that would interfere with use of that workstation
by a person sitting in the lab.
1.3 Not all the computer facilities in the College of Engineer-
ing are public resources (public to the College of Engineer-
ing community). Users found using non-public facilities may
be summarily logged-off those resources.
1.3.1 Some machines are designated as "file servers", and
carry login messages asking users to not use these
machines for login purposes.
1.3.2 Workstations on faculty and staff desks should not be
used as login resources without the specific permis-
sion of the faculty or staff who use those machines.
1.3.3 Printers and other peripheral devices not located in
public labs and advertised as available should not be
used without specific permission.
1.4 Because this is an educational environment, computer systems
are generally open to perusal and investigation by users.
This access must not be abused either by attempting to harm
the systems, or by stealing copyrighted or licensed
software.
1.4.1 System-level files (not owned by individuals) may be
used and viewed for educational purposes if their
access permissions so allow.
1.4.2 Most system-level files are part of copyrighted or
licensed software, and therefore you should not make
your own copies of these files, in whole or in part,
except as needed as part of an educational exercise.
Removing copies of copyrighted software from the sys-
tem on which it is licensed may be a violation of the
copyright or license.
1.4.3 The same standards of intellectual honesty and pla-
giarism apply to software as to other forms of pub-
lished work. Treat system software is if it were a
library you were browsing. Acknowledge borrowing
code, algorithms, or data structures from the work of
other people.
1.4.4 Making your own copies of software having a restricted
use license is theft. So is figuring out how to
"beat" the license.
1.4.5 Deliberate alteration of system files is vandalism or
malicious destruction of University property.
1.5 College of Engineering computing facilities are provided for
academic uses (instruction and research) and some adminis-
trative uses.
1.5.1 The license agreements for some pieces of software may
specifically restrict the software to instructional
use. Please check with the Case Center before you use
licensed software for research or administrative
tasks.
1.5.2 Do not make use of any University computing facilities
for any activity that is commercial in nature without
first obtaining written approval to do so. Commercial
activities include: consulting, developing software
for sale, and in general any activity for which you
are paid from non-University funds.
1.6 Facilities are often available on an unmonitored basis. It
is the responsibility of every user to act in such a manner
as to not cause damage to the physical equipment.
Accidental damage, or damage caused by other parties, should
be reported as soon as possible so that corrective action
can be taken.
College facilities are paid for and operated in part with
student money. Please help take care of them! Please bring
problems to staff attention!
2. User Rights
A user of College of Engineering computer facilities has the fol-
lowing rights and privileges.
2.1 You should not be denied access to facilities by someone who
is not using the facilities for research or instructional
purposes, or who is not a student, faculty, or staff member
of the College of Engineering. You have the right to ask an
appropriate staff member to remove such a person so you can
use the facilities.
2.2 You have the right to not be harassed while using College of
Engineering facilities, whether it be physical, verbal,
electronic, or any other form of abuse. You have the right
to ask an appropriate staff member to take steps to end any
abuse to which you are subjected.
3. Staff Responsibilities
In general, the staff of the College of Engineering computer
facilities has the responsibility of enforcing the rights and
responsibilities of the users of those facilities to the best of
their ability. Several specific staff responsibilities are
listed below.
3.1 Staff should not make use of facilities intended for
instructional purposes unless this is necessary to correct
an urgent problem. Instructional facilities should never be
used for day-to-day staff work unless these facilities are
currently being under-utilized by students.
3.2 Staff should at all times respect the privacy of user files,
mail, and printer listings (but see Staff Rights below).
4. Staff Rights
The staff in general have the right to do whatever is necessary
to carry out their responsibility to keep the College computing
resources operating and available.
4.1 The networked computer environment in the College of
Engineering is a facility provided to faculty, staff, and
students to enable them to accomplish certain tasks required
by their roles within the College and the University. There
is an acknowledged trade-off between the absolute right of
privacy of a user, and the need of the staff to gather
necessary information to insure the continued functioning of
this College-wide resource.
In the normal course of system administration, the staff may
have to examine files, mail, and printer listings to gather
sufficient information to diagnose and correct problems with
system software, or to determine if a user is acting in vio-
lation of the policies set forth in this document. The
staff has the right to do this.
As mentioned in Staff Responsibilities, above, the staff has
an obligation to maintain the privacy of a user's files,
mail, and printer listings.
4.2 Because this is an educational institution, some behavior is
tolerated, even encouraged, that would not be allowed at a
"normal" commercial site. This, combined with the fact that
there is relatively free and uncontrolled access to our sys-
tems via network connections around the world, causes spe-
cial problems for the staff.
In general, the staff allows the users great freedom in use
of the facilities. However, there are certain kinds of
threatening or damaging behavior against which the staff
will take action. For example: owning or using burglar's
tools, worms, viruses, or trojan horses.
Any such action will be taken carefully, because there may
be legitimate reasons for people to have such objects in
their possession. Staff will normally take action only if
there is clear and convincing reason to believe that a user
is violating the policies outlined in this document.
A user who feels that s/he has legitimate reason to experi-
ment with security-related aspects of the computer facili-
ties should discuss the project with staff before embarking
on the experiment. This will help prevent a perhaps embar-
rassing intervention by the staff.
5. Bibliography
We will attach a bibliography of pertinent University publica-
tions in which to find official rules and regulations.