Xref: utzoo news.admin:4027 news.sysadmin:1591 comp.mail.uucp:2295
Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!rutgers!iuvax!bsu-cs!dhesi
From: dhesi@bsu-cs.UUCP (Rahul Dhesi)
Newsgroups: news.admin,news.sysadmin,comp.mail.uucp
Subject: Re: Dangerous hole in Usenet!
Keywords: "it's a secret ... but they told me!" -- david dobkin
Message-ID: <4833@bsu-cs.UUCP>
Date: 19 Nov 88 15:10:48 GMT
References: <1227@vsi1.UUCP> <117@hudson.Morgan.COM> <800@mailrus.cc.umich.edu>
Reply-To: dhesi@bsu-cs.UUCP (Rahul Dhesi)
Organization: CS Dept, Ball St U, Muncie, Indiana
Lines: 13

In article <800@mailrus.cc.umich.edu> honey@citi.umich.edu (peter honeyman)
writes:
>the major hole has to do with handing certain news articles to
>sed|sh.

Are we talking about automatic extraction of UUCP maps?  We do it here
by first chroot(2)'ing to a small directory tree with just a few tools
on it.  My code is based on John Quarterman's more complex package.

I didn't realize that the danger of piping Usenet postings was a
secret.
-- 
Rahul Dhesi         UUCP:  <backbones>!{iuvax,pur-ee}!bsu-cs!dhesi