Path: utzoo!utgpu!jarvis.csri.toronto.edu!rutgers!cs.utexas.edu!uunet!ncc!atha!lyndon
From: lyndon@cs.AthabascaU.CA (Lyndon Nerenberg)
Newsgroups: comp.unix.ultrix
Subject: Re: Ultrix Security Problem
Summary: Don't forget who we're dealing with
Message-ID: <622@aurora.AthabascaU.CA>
Date: 14 Jun 89 18:23:55 GMT
References: <7091@cbmvax.UUCP>
Organization: Athabasca University
Lines: 17

In article <7091@cbmvax.UUCP> grr@cbmvax.UUCP (George Robbins) writes:
>Ultrix 3.0 introduced a new, serious, security hole that allows any
>informed user to obtain access to root privileges by typing a single
>command line.
>
>Please contact DEC software support to obtain the workaround for this
>problem, as in most cases, I have no unambiguous way of distinguishing
>a concerned administrator from an inquisitive cracker.

Can you give us a bug number or something similar we can use to
reference this when calling DEC technical support? Trying to describe
a problem with a description like that usually results in spending
too many hours on the phone for my liking.-- 
Lyndon Nerenberg / Computing Services / Athabasca University
{alberta,decwrl,ncc}!atha!lyndon || lyndon@cs.AthabascaU.CA

 Trying to manage programmers is like trying to herd cats!