Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!usc!zaphod.mps.ohio-state.edu!mips!daver!tscs!tct!chip From: chip@tct.uucp (Chip Salzenberg) Newsgroups: comp.unix.sysv386 Subject: Re: SECURITY BUG IN INTERACTIVE UNIX SYSV386 Keywords: BAD BUG Message-ID: <27C2A94A.33A0@tct.uucp> Date: 20 Feb 91 16:52:26 GMT References: <27B93F44.5606@tct.uucp> <3214@sixhub.UUCP> <1991Feb19.042353.27075@chinet.chi.il.us> Organization: Teltronics/TCT, Sarasota, FL Lines: 31 According to pdg@chinet.chi.il.us (Paul Guthrie): >I'm sick of people calling this a "gaping kind-you-can-drive-a-truck-through >hole" in UNIX security. If it was so gaping, how come it has never come up >here before, like so many other obscure problems? Think about this: ANYONE CAN BECOME ROOT AT ANY TIME. That's not a "gaping" security hole? If there ever was a bug that deserved the description "huge, gaping, obvious, drive-a-truck-through-it", it's this one. >ISC was fixing this... ^^^^^^^^^^^^^^^^^^^ So far, not even the ISC people have claimed that they were fixing it before the bug report here. If they had deemed it worth fixing, it would have been fixed between the release of 2.2 -- the absolutely latest date that ISC can claim ignorance -- and the release of 2.2.1. But it wasn't; so they weren't. QED. >"There is a terrible bug in ISC UNIX security that allows root access >instantaneously. I have mailed the problem to ISC (or reported the bug) to >ISC and will post the problem in 3 months. The clock is ticking ISC...." That would not have allowed the people who care about security to protect themselves for those three months. Yes, a coprocessor is expensive; but would you rather have an expensive, secure system or an inexpensive one full of holes? I know I'd turn the latter off. -- Chip Salzenberg at Teltronics/TCT , "It's not a security hole, it's a SECURITY ABYSS." -- Christoph Splittgerber (with reference to the upage bug in Interactive UNIX and Everex ESIX)