Aucbvax.3072
fa.unix-wizards
utzoo!decvax!ucbvax!unix-wizards
Fri Sep 11 00:10:27 1981
security holes in mail
>From decvax!duke!unc!smb@Berkeley Fri Sep 11 00:03:32 1981
In-real-life: Steven M. Bellovin
Location: University of North Carolina at Chapel Hill

ucbmail would seem to have several security holes regarding people
who mail to pipes or files over a network.  delivermail will blithely
open files, invoke csh, etc., running as whoever invoked it.  If that's
a network server -- well, it's too bad, isn't it....