Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!decuac!avolio
From: avolio@decuac.DEC.COM (Frederick M. Avolio)
Newsgroups: net.unix,net.unix-wizards
Subject: Re: Slaying Gould dragon with a wooden horse
Message-ID: <1080@decuac.DEC.COM>
Date: Tue, 28-Oct-86 10:36:03 EST
Article-I.D.: decuac.1080
Posted: Tue Oct 28 10:36:03 1986
Date-Received: Tue, 28-Oct-86 21:12:52 EST
References: <161@unisec.UUCP>
Organization: ULTRIX Applications Center, MD
Lines: 20
Keywords: secure unix trojan horse gould
Xref: mnetor net.unix:6055 net.unix-wizards:8489

In article <161@unisec.UUCP>, dpw@unisec.UUCP (Darryl Wagoner) writes:

> The question I have for the net is: Is using a trojan horse a legit way
> to break into a system?  What is your opinion?


This is silly.  (I am *NOT* calling Darryl silly!)  Asking if there is
a legitimate way to break in to a system.  Anything that works is
"legitimate" if you can call something `devious' legitimate.  Having
the current directory in your superuser search path is always
dangerous and kind of an obvious thing to avoid.  In fact, you might
argue that root should have a NULL path and have to expressly give
full paths for every command to be sure.  (I wouldn't argue this...
but I have fat fingers.)

I assume you didn't win the color TV.  I hope you were included in the
drawing.  Saying "No fair!" when someone does something unanticipated
is foul play.  (Let us remember Kirk's solution to the Kobiashi Maru
challenge. (And please no spelling corrections please.  I couldn't
care less.))