Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!watmath!clyde!cbosgd!ulysses!allegra!mit-eddie!think!harvard!cmcl2!phri!roy
From: roy@phri.UUCP (Roy Smith)
Newsgroups: net.news,net.wanted.sources
Subject: Re: Shar format found dangerous
Message-ID: <2322@phri.UUCP>
Date: Wed, 23-Apr-86 10:23:55 EST
Article-I.D.: phri.2322
Posted: Wed Apr 23 10:23:55 1986
Date-Received: Fri, 25-Apr-86 05:04:07 EST
References: <214@randvax.UUCP> <474@zaphod.UUCP>
Reply-To: roy@phri.UUCP (Roy Smith)
Distribution: net
Organization: Public Health Research Inst. (NY, NY)
Lines: 12
Keywords: shar danger scary path rbin
Xref: watmath net.news:4764 net.wanted.sources:2228
Summary: Why bother replacing one security hole with another?

In article <474@zaphod.UUCP> bobd@zaphod.UUCP (Bob Dalgleish) writes:
> I guess that I am a little unclear why we can't make "shar" safe.

	As has already been pointed out, no matter how safe you make the
un-shar program, you still havn't done anything about the actual code that
you are going to compile and run (or the Makefile, or ...) so all you've
really done is shoved your head a bit further into the sand.

-- 
Roy Smith, {allegra,philabs}!phri!roy
System Administrator, Public Health Research Institute
455 First Avenue, New York, NY 10016