Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!iuvax!purdue!haven!ncifcrf!nlm-mcs!mimsy!chris
From: chris@mimsy.umd.edu (Chris Torek)
Newsgroups: comp.lang.c
Subject: Re: Unix System Security
Message-ID: <21880@mimsy.umd.edu>
Date: 17 Jan 90 07:23:05 GMT
References: <1989Dec12.014608.12607@polyof.poly.edu> <1670020@otter.hpl.hp.com> <6354@levels.sait.edu.au>
Followup-To: nowhere
Organization: U of Maryland, Dept. of Computer Science, Coll. Pk., MD 20742
Lines: 16

(NB: this does not belong in comp.lang.c)

In article <6354@levels.sait.edu.au> CCDN@levels.sait.edu.au (david newall)
writes:
>The recent internet worm, which took advantage of a number of long standing
>security holes, serves as a fine example of how these issues can be ignored.
>Despite the fact that these were "well known" security problems, nothing had
>been done to correct the situation.

Despite the fact that people keep claiming that the finger bug and the
sendmail `debug' bug were well known, nothing had ever been reported of
them.  If anyone knew of these bugs, it did not include those responsible
for maintaining the software.
-- 
In-Real-Life: Chris Torek, Univ of MD Comp Sci Dept (+1 301 454 7163)
Domain:	chris@cs.umd.edu	Path:	uunet!mimsy!chris