Path: utzoo!attcan!uunet!samsung!umich!terminator!dabo.ifs.umich.edu!rees
From: rees@dabo.ifs.umich.edu (Jim Rees)
Newsgroups: comp.sys.apollo
Subject: Re: /etc/killall, what is it?
Keywords: undocumented, dangerous
Message-ID: <1990Jul28.204241.14946@terminator.cc.umich.edu>
Date: 28 Jul 90 20:42:41 GMT
References: <551@eba.eb.ele.tue.nl> <1990Jul28.142626.28237@IRO.UMontreal.CA>
Sender: usenet@terminator.cc.umich.edu (usenet news)
Reply-To: rees@citi.umich.edu (Jim Rees)
Organization: University of Michigan IFS Project
Lines: 22

In article <1990Jul28.142626.28237@IRO.UMontreal.CA>,
goutier@IRO.UMontreal.CA (Claude Goutier) writes:
  
  It is not the first time that someone discover an undocumented program
  that happens to be dangerous.

I don't consider killall to be dangerous to the system, since it doesn't let
you kill any process you don't own.  It may be dangerous to individual users,
but anyone who runs a program named "killall" without first finding out what
it does deserves whatever they get.

  I suggest that every such program be considered
  suspect and that we ask the software provider what does those programs are
  doing there. Are they trapdoor ones ? Do their lawyers will provide
compensation
  if any wrongdoing happens because of those ?

Apollo may be occasionally incompetent but I doubt that they are malicious.
When you are trying to decide whether to trust a piece of software, you need
to ask yourself whether you trust its author, and adjust your trust level
accordingly.  See Ken Thompson's Turing award speech for an excellent
discussion of this topic.