Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!uunet!rosevax!ems!eta!lm
From: lm@eta.ETA.COM (Larry McVoy)
Newsgroups: comp.sys.att
Subject: Re: Irresponsibility (Was: Security problem on UNIX PC's)
Message-ID: <8700178@eta.ETA.COM>
Date: Mon, 28-Sep-87 17:56:42 EDT
Article-I.D.: eta.8700178
Posted: Mon Sep 28 17:56:42 1987
Date-Received: Thu, 1-Oct-87 05:10:49 EDT
References: <54@quincy.UUCP> <149@manta.UUCP>
Reply-To: lm@eta.UUCP (Larry McVoy)
Organization: ETA Systems, Inc., St Paul, MN, USA
Lines: 17
Keywords: security, root, problem, unix-pc

In article <149@manta.UUCP> brant@manta.UUCP (Brant Cheikes) writes:
>result, it's irresponsible to post articles giving exact directions
>for violating system security.  

Bullshit.  The best way to make a system secure is to do exactly what the
poster did: broadcast the information on how to break in.  Then it is
*your* problem as a systems administrator to fix it.  Pretending that 
the problem doesn't exist, or worse yet - knowing that it does and 
ignoring it, is a lazy man's reaction.

You ought to read the paper on Unix security.  They say (probably more
concisely) more or less the same thing I did.  Have an open system and
challenge people to break in.  It's the quickest way to plug holes.
-- 

Larry McVoy	uucp: ...!{uiucuxc, rosevax, meccts, ihnp4!laidbak}!eta!lmcvoy
		arpa: eta!lmcvoy@uxc.cso.uiuc.edu