Path: utzoo!mnetor!uunet!lll-winken!lll-lcc!mordor!sri-spam!ames!hao!gatech!bloom-beacon!athena.mit.edu!wesommer
From: wesommer@athena.mit.edu (William E. Sommerfeld)
Newsgroups: comp.unix.wizards
Subject: Re: Help us defend against VMS!
Message-ID: <3352@bloom-beacon.MIT.EDU>
Date: 29 Feb 88 23:36:52 GMT
References: <1636@tulum.UUCP> <20268@bu-cs.BU.EDU> <14433@oddjob.UChicago.EDU>
Sender: daemon@bloom-beacon.MIT.EDU
Reply-To: wesommer@athena.mit.edu (William E. Sommerfeld)
Organization: Massachusetts Institute of Technology
Lines: 22

In article <14433@oddjob.UChicago.EDU> matt@oddjob.UChicago.EDU (Mr. nEtural) writes:
>Let me add a few words to Barry's many.
>
>When was the last time you heard of a similar break-in against unix
>systems? The only one I can remember was a couple years ago, and
>source and object-only fixes to the buggy system program were
>circulated almost instantly.

I think that there was another rash of breakins somewhat more recently
(~1 year ago?) which got a lot of press on RISKS among other places.
None of the breakins were due to software bugs per se, but rather to
sloppy protection configurations and overly trusting .rhosts files.

These types of security holes are particularly tricky to deal with,
and sometimes quite easy to exploit; a friend of mine has broken into
Multics systems (though not ones being run by the DoD) using these
techniques with the Multics equivalent of UUCP. He wound up with a
ring-zero gate - the equivalent of his own private system call - and
had some fun `playing god' before he made a bug report. He had
reported the same problem earlier, but it was ignored as `not a
security hole'.

- Bill