Xref: utzoo comp.protocols.tcp-ip:5331 comp.unix.wizards:12388
Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!cwjcc!ukma!psuvm.bitnet!cunyvm!ndsuvm1!ndsuvax!ncoverby
From: ncoverby@ndsuvax.UUCP (Glen Overby)
Newsgroups: comp.protocols.tcp-ip,comp.unix.wizards
Subject: Re: rtm and uucp
Summary: Everybody else and his parent processes, too
Keywords: overload
Message-ID: <1777@ndsuvax.UUCP>
Date: 13 Nov 88 23:02:46 GMT
References: <8409@alice.UUCP> <8597@rpp386.Dallas.TX.US>
Reply-To: ncoverby@ndsuvax.UUCP (Glen Overby)
Followup-To: comp.unix.wizards
Organization: Silo Tech, Fargo ND USA
Lines: 20


In article <8597@rpp386.Dallas.TX.US> jfh@rpp386.Dallas.TX.US
        (John F. Haugh II) writes:
>It would be so nice if someone would undertake a security audit to
>insure that work other college students did, which *is* currently
>in production, doesn't contain any surprizes.

Why are you worried only about college students?  We're not the only ones
in this world to commit crimes.

This security audit should go for any software posted to the net or
otherwise available (anon uucp, anon FTP, etc), as well as on a per-vendor
basis (who's to say that ABC computer maker didn't botch something in their
port?).

What you're prescribing is a pretty major task.  I'm sure that if anybody
with Unix Sources is sufficently worried about contamination they will
perform some sort of "audit" and report the bugs back to the Keeper of the
Sorces.

Glen Overby
ncoverby@plains.nodak.edu       uunet!ndsuvax!ncoverby
ncoverby@ndsuvax (Bitnet)