Path: utzoo!mnetor!tmsoft!torsqnt!news-server.csri.toronto.edu!cs.utexas.edu!uunet!world!unixland!bill
From: bill@unixland.uucp (Bill Heiser)
Newsgroups: comp.unix.sysv386
Subject: Re: SECURITY BUG IN INTERACTIVE UNIX SYSV386
Keywords: BAD BUG
Message-ID: <1991Feb15.234035.8378@unixland.uucp>
Date: 15 Feb 91 23:40:35 GMT
References: <6027@unix386.Convergent.COM> <1991Feb15.134715.16979@virtech.uucp> <16434@chopin.udel.edu>
Organization: Think_Tank BBS & Public Access Unix
Lines: 16

In article <16434@chopin.udel.edu> weave@chopin.udel.edu (Ken Weaverling) writes:
>
>That would have the same shock value for sysadmins, then I could do 
>*something* to buy myself *some* time like make user.h 600 or make it

Are you suggesting that making user.h is a "work-around" for the problem?
It would seem that anyone dedicated to using this "door" would just 
use an equivalent file of their own from another system.  Or can this be
done?


-- 
home:	...!{uunet,bloom-beacon,esegue}!world!unixland!bill
	bill@unixland.uucp              The Think_Tank BBS & Public Access Unix
508-655-3848 (2400)   508-651-8723 (9600-HST)   508-651-8733 (9600-PEP-V32)
other:	heiser@world.std.com