Xref: utzoo comp.protocols.tcp-ip:5461 comp.unix.wizards:12677 Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!mailrus!cwjcc!hal!ncoast!allbery From: allbery@ncoast.UUCP (Brandon S. Allbery) Newsgroups: comp.protocols.tcp-ip,comp.unix.wizards Subject: Re: rtm and uucp Message-ID: <13153@ncoast.UUCP> Date: 20 Nov 88 18:05:57 GMT References: <8409@alice.UUCP> <8597@rpp386.Dallas.TX.US> <13059@princeton.Princeton.EDU> Reply-To: allbery@ncoast.UUCP (Brandon S. Allbery) Followup-To: comp.protocols.tcp-ip Organization: Cleveland Public Access UN*X, Cleveland, Oh Lines: 26 As quoted from <13059@princeton.Princeton.EDU> by alb@olden.uucp (Adam L. Buchsbaum): +--------------- | In article <8597@rpp386.Dallas.TX.US> jfh@rpp386.Dallas.TX.US (John F. Haugh II) writes: | >It would be so nice if someone would undertake a security audit to | >insure that work other college students did, which *is* currently | >in production, doesn't contain any surprizes. | | Being just an ignorant graduate student myself, I can't figure out | whether this implies that all college students are suspect, anyone who | is not in college is not suspect, or both? Perhaps John F. Haugh II | could clarify this for me? +--------------- You misunderstand; he's not talking about RTMorris, he's talking about the kind of peoplke who wrote sendmail, and fingerd, and other programs that might have inadvertent security holes in them. And we've *all* done it at one time or another. An independent audit of "important" code is a good idea. ++Brandon -- Brandon S. Allbery, comp.sources.misc moderator and one admin of ncoast PA UN*X uunet!hal.cwru.edu!ncoast!allbery ncoast!allbery@hal.cwru.edu allberyb@skybridge.sdi.cwru.edu allbery@uunet.uu.net comp.sources.misc is moving off ncoast -- please do NOT send submissions direct Send comp.sources.misc submissions to comp-sources-misc@.