Xref: utzoo comp.unix.admin:1836 alt.security:2526
Path: utzoo!utgpu!cs.utexas.edu!sun-barr!newstop!central!convex!usenet
From: tchrist@convex.COM (Tom Christiansen)
Newsgroups: comp.unix.admin,alt.security
Subject: Re: mailing to uudecode
Message-ID: <1991May14.101027.697@convex.com>
Date: 14 May 91 10:10:27 GMT
References: <5834@mindlink.bc.ca>
Sender: usenet@convex.com (news access account)
Reply-To: tchrist@convex.COM (Tom Christiansen)
Organization: CONVEX Software Development, Richardson, TX
Lines: 16
Nntp-Posting-Host: pixel.convex.com

From the keyboard of Gord_Wait@mindlink.bc.ca (Gord Wait):
:On sun sparc os 4.1.1 there is a default mail alias called uudecode. Is this a
:useful thing? I can't get it to do anything but spit out error messages when I
:mail it uuencoded files. Any clues appreciated.

It is usually more useful to a cracker than to you, as it usually allows
him to overwrite daemon-writable files anywhere on the system, or to
create setuid-daemon programs.  Depending on your sendmail, it may
even be worse than this.

I suggest you expurgate it from your system in all due haste.

--tom
--
Tom Christiansen		tchrist@convex.com	convex!tchrist
		"So much mail, so little time."