Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!utgpu!water!watmath!clyde!burl!codas!mtune!quincy!lenny
From: lenny@quincy.UUCP
Newsgroups: unix-pc.general,comp.sys.att,comp.unix.wizards
Subject: Security problem on UNIX PC's
Message-ID: <54@quincy.UUCP>
Date: Wed, 23-Sep-87 08:56:09 EDT
Article-I.D.: quincy.54
Posted: Wed Sep 23 08:56:09 1987
Date-Received: Sat, 26-Sep-87 08:39:33 EDT
Organization: American LP Systems, Inc., Islandia, NY
Lines: 30
Keywords: security, root, problem, unix-pc
Xref: utgpu junk:5825 comp.sys.att:1116 comp.unix.wizards:4129

Security problem #1:

Under release 3.5 or more.  Send mail to yourself on 3B1, wait for the
<MAIL ENVELOPE> icon and then press either <MSG> or point to it with mouse and
press <B1>.  You immediately get thrown into mail, with your message displaying
and at the ? prompt type:  !sh   "Look ma, I'm root!"

Security problem #2:

A lot of people keep "tutor" with no password and widely distribute their
dialup number.  Tutor, a non-expert user, can't run the shell?! Or can they?
Create a file in the Filecabinet, editor either "vi" or "ed" and do a ":!sh"
in vi or "!sh" in ed, and wha-la!

Security problem #3:

Mail setup... UUCP phone numbers and passwords in the L.sys file are normally
protected so that NON-SUPERUSER people cannot hack them!  Go into mail setup
(any user... even Tutor) and you can get all the necessary hacking information!
Bad!!!!

Any others would be appreciated!!

					-Lenny

-- 
Lenny Tropiano               ...seismo!uunet!swlabs!godfre!quincy!lenny  -or-
American LP Systems, Inc.           ...cmcl2!phri!gor!helm!quincy!lenny  -or-
1777-18 Veterans Memorial Hwy.   	          ...mtune!quincy!lenny  -or
Islandia, New York 11722     +1 516-582-5525 ...ihnp4!icus!quincy!lenny