Path: utzoo!mnetor!tmsoft!torsqnt!news-server.csri.toronto.edu!cs.utexas.edu!wuarchive!udel!brahms.udel.edu!weave
From: weave@chopin.udel.edu (Ken Weaverling)
Newsgroups: comp.unix.sysv386
Subject: Re: SECURITY BUG IN INTERACTIVE UNIX SYSV386
Keywords: BAD BUG
Message-ID: <16439@chopin.udel.edu>
Date: 16 Feb 91 17:00:19 GMT
References: <1991Feb15.134715.16979@virtech.uucp> <16434@chopin.udel.edu> <1991Feb15.234035.8378@unixland.uucp>
Organization: University of Delaware
Lines: 16

In article <1991Feb15.234035.8378@unixland.uucp> bill@unixland.uucp (Bill Heiser) writes:
>In article <16434@chopin.udel.edu> weave@chopin.udel.edu (Ken Weaverling) writes:
>>
>>That would have the same shock value for sysadmins, then I could do 
>>*something* to buy myself *some* time like make user.h 600 or make it
>
>Are you suggesting that making user.h is a "work-around" for the problem?

No. Obviously they could probably get the file elsewhere, but it might
slow them down until I can get a fix from my vendor (hopefully any day
now...).  The students on my systems that I fear are the ones that know
just enough to be dangerous.  The truly bright ones that are also
mischevious I know and already keep an eye on!

-- 
>>>---> Ken Weaverling  >>>---->  weave@brahms.udel.edu