Xref: utzoo unix-pc.general:1867 comp.sys.att:4920 Path: utzoo!utgpu!watmath!uunet!ukma!mailrus!ames!haven!umbc3!alex From: alex@umbc3.UMD.EDU (Alex S. Crain) Newsgroups: unix-pc.general,comp.sys.att Subject: Re: interesting behaviour. (followup) Message-ID: <1437@umbc3.UMD.EDU> Date: 13 Dec 88 22:03:28 GMT References: <1430@umbc3.UMD.EDU> <444@uncle.UUCP> Reply-To: alex@umbc3.UMD.EDU (Alex S. Crain) Organization: University of Maryland, Baltimore County Lines: 43 I've gotten several replies, none of which are terribly helpful (although I sincerily appreciate the effort.) 1) This sounds a bit wierd, but I'm not really bothered by the fact that my disk was hosed. Fortunately My schoolwork was on another machine, and other then that I haven't really been doing much. I figure that I'll be back to normal by Febuary at the latest, and this gives me a chance to puruse my file structure and move things around a little bit. 2) I can't wait till I get another disk, so I reformatted the one I had. I doubt that I really lost much, because I've been running with between 1 and 6 Mb free for awhile, and the disk was getting seriously fragmented. The idea of picking through 70Mb of fragmented disk blocks is not appealing. 3) I wasn't running any of the obvious security holes with the exception of no root password. Ther are 3 user accounts on my machine, one is root and two are me. Since the machine has no other users (ever) I don't worry about security much. But I do leave protections intack to prevent hosing myself when running multiple gettys. so / is 755, etc. 4) So, my real question was how to trace UUCP mail, if possible. If I got hosed through mail, I would like to find out who did it, if only to publicly identify them and warn future victims. Since I can only sortof read uucp LOGFILEs, I don't really know what to look for. I am certain that If I got hosed by someone other then me, it came through mail. I normally would have blamed myself for this, and let it slide, but between ubluit and the accusations that have passed through this newsgroup lately, I figured that I should say something. BTW: Some time ago, a friend of mine came up with a scheme for loadable system calls by extending the syslocal() facility. It works fine, although some of the new system calls (notably ftruncate()) still have bugs and will occationally barf. It's possible that I could have started a program that used ftruncate(), and then hosed my self, but I'm pretty careful about such things. -- :alex Alex Crain Systems Programmer alex@umbc3.umd.edu Univ Md Baltimore County nerwin!alex@umbc3.umd.edu