Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!mips!spool.mu.edu!snorkelwacker.mit.edu!paperboy!hsdndev!cmcl2!kramden.acf.nyu.edu!brnstnd
From: brnstnd@kramden.acf.nyu.edu (Dan Bernstein)
Newsgroups: comp.unix.wizards
Subject: Re: Serious potential security problem. (was Re: BSD tty security, part 3: How to Fix It)
Message-ID: <7224:May202:17:1891@kramden.acf.nyu.edu>
Date: 2 May 91 02:17:18 GMT
References: <1991May1.140953.20081@mp.cs.niu.edu>
Organization: IR
Lines: 12

In article <1991May1.140953.20081@mp.cs.niu.edu> rickert@mp.cs.niu.edu (Neil Rickert) writes:
>  Why are we worrying about somebody sneaking in through a tiny crack in the
> basement, when the front door is swinging wide open.
  [ ... ]
> 	/etc/hosts.equiv contains the infamous '+' line.

Sun makes lots of mistakes, and vendors who take ideas from Sun copy the
mistakes. However, relatively few Suns are multiuser machines; the
``tiny crack in the basement'' is in *everyone's* basement, not just
Sun's.

---Dan