Path: utzoo!news-server.csri.toronto.edu!cs.utexas.edu!uwm.edu!zaphod.mps.ohio-state.edu!lavaca.uh.edu!menudo.uh.edu!sugar!ficc!peter
From: peter@ficc.ferranti.com (Peter da Silva)
Newsgroups: comp.mail.uucp
Subject: Re: help me explain that uucp is secure
Message-ID: <7.V9F8G@xds13.ferranti.com>
Date: 4 Mar 91 18:59:20 GMT
References: <357@menno.bethelks.edu>
Reply-To: peter@ficc.ferranti.com (Peter da Silva)
Organization: Xenix Support, FICC
Lines: 12

UUCP *isn't* secure, in general. The latest version of HDB on System V.3.2
seems pretty robust, but (for example) I've gotten arbitrary commands
executed on a V.2 system by appropriate shenanigans with the commands
I've sent it.

I'm posting this rather than emailing, because I think this is something
that people need to be aware of. Some versions of UUCP are pretty solid.
Some have holes you can drive a 747 through. Unless you let us know what
your system is there's no way of saying if you're safe or not.
-- 
Peter da Silva.  `-_-'  peter@ferranti.com
+1 713 274 5180.  'U`  "Have you hugged your wolf today?"