Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!bloom-beacon!mit-eddie!rutgers!rochester!pt.cs.cmu.edu!cadre!pitt!darth!libove!root
From: root@libove.UUCP (Jay M. Libove)
Newsgroups: news.admin
Subject: How safe is UUCP? (Was: Virus in the future?)
Message-ID: <196@libove.UUCP>
Date: 11 Nov 88 14:39:27 GMT
References: <74@dsoft.UUCP>
Organization: Libove, Pittsburgh, PA, U.S.A.
Lines: 51

From article <74@dsoft.UUCP>, by root@dsoft.UUCP (Super user):
> I see a lot of discussion going on about the virus that hit the net, and all
> I can think of is my past experiences and what I've seen as a result.
> 
> The Amiga's original virus came about as a harmless joke, similar to this
> one.  It got a great deal of coverage in the news as a result.  A very short
> time after that, at least three new viruses infected Amiga owners, and the
> war's been running ever since.

 [ some text deleted ]

> The point here, is that now we've got a virus on the nets.  It's made 
> big news in the process.  People are going to see this and some brilliant
> idiot is going to think "Wow, what an easy way to get public recognition!"
> No matter that he's going to screw someone over royally and take down systems
> all over the world. He wants the prestige, he wants the audience, he wants
> to be able to say he pulled something over on the bigshots.

 [ warning deleted ]

I agree with this philosophy. That is, one incidence of anything tends to
lead to other incidences of the same; physchologists will say this of
suicides in high schools, police departments will say it of violent crimes,
and from operating a bulletin board system some years ago I can say it (like
the fellow I quoted) of trojan horses and virii on computers.

So, my question is this: What bugs are known about in the many assorted
versions on UUCP software that the net at large is running? I, for myself,
am most concerned about whatever version SCO Xenix 286 v2.2.1 runs, but I'm
sure that everyone would be interested in knowing how they are vulnerable
and what they can do about it.

I'll give a test case - me; I run SCO Xenix 286 v2.2.1 with the telebit
trailblazer uucico upgrade (though I don't have a trailblazer modem), and I
run smail 2.5 configured pretty much in the default for SCO Xenix (as
patches were posted some time back).

I allow the commands (in /usr/lib/uucp/L.cmds)
 rmail, /usr/lib/uucp/uucico, rnews, cunbatch, uucp, uux

and my /usr/lib/uucp/USERFILE contains
 uucp, /
 , /

So, how vulnerable am I?

-- 
Jay Libove		ARPA:	jl42@andrew.cmu.edu or libove@cs.cmu.edu
5731 Centre Ave, Apt 3	BITnet:	jl42@andrew or jl42@drycas
Pittsburgh, PA 15206	UUCP:	uunet!nfsun!libove!libove or
(412) 362-8983		UUCP:	psuvax1!pitt!darth!libove!libove