Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!rutgers!cmcl2!adm!xadmx!uucp@att.att.com From: uucp@att.att.com (Hermes Trisgesmis) Newsgroups: comp.unix.wizards Subject: Warning From uucp Message-ID: <17970@adm.BRL.MIL> Date: 26 Dec 88 13:51:49 GMT Sender: news@adm.BRL.MIL Lines: 234 We have been unable to contact machine 'wa015b' since you queued your job. wa015b!mail james (Date 12/25) The job will be deleted in several days if the problem is not corrected. If you care to kill the job, execute the following command: uustat -kwa015bN49e4 Sincerely, att!uucp ############################################# ##### Data File: ############################ From arpa!VM1.NoDak.EDU!BRL.MIL!UNIX-WIZARDS Sun Dec 25 03:45:38 1988 remote from att Received: by att.ATT.COM (smail2.6 att-mt) id AA22485; 25 Dec 88 03:45:38 EST (Sun) Received: from NDSUVM1.BITNET by VM1.NoDak.EDU (IBM VM SMTP R1.2) with BSMTP id 6093; Sun, 25 Dec 88 02:45:03 CST Received: by NDSUVM1 (Mailer X1.25) id 6091; Sun, 25 Dec 88 02:45:01 CST Date: Sun, 25 Dec 88 02:45:20 EST Reply-To: UNIX-WIZARDS%BRL.MIL@VM1.NoDak.EDU Sender: Unix-Wizards Mailing List From: Mike Muuss The Moderator Subject: UNIX-WIZARDS Digest V6#059 X-To: UNIX-WIZARDS@BRL.MIL To: James Anderson UNIX-WIZARDS Digest Sun, 25 Dec 1988 V6#059 Today's Topics: Re: Special chars humor (was password security) uugetty on Altos not behaving properly? Re: Special chars humor (was password security) Re: Standards Re: Special chars humor (was password security) Re: rsh environment Re: Special chars humor (was password security) ----------------------------------------------------------------- From: Daryl Clevenger Subject: Re: Special chars humor (was password security) Date: 24 Dec 88 08:38:22 GMT To: unix-wizards@sem.brl.mil In article <8594@alice.UUCP> debra@alice.UUCP () writes: >Requiring the use of a non-alphanumeric character is not at all sufficient. >Many people react to this by just putting a special character (usually ".") >in front of their old password... > (This post is just a humorous interjection, not a comment one way or the other. It does illustrate yet another example of a program that missed a boundry case.) A friend of mine that used to work for a research project here at CMU had an interesting thing happen to him related to this. His group had a few HP Bobcats running HP/UX and he was given an account on them. Upon logging in the first time, he was asked to change his password and required him to use at least one non-alphanumeric character (I don't know if it cared where it was put into the password string). Being relatively naive about UNIX and not knowing its history, he picked '@' as his special character, which /bin/passwd gladly accepted. Guess what happened the next time he tried to login? The system kept printing "Login incorrect" and he was certain he was using the right passwd. Finally, he called me up and related what had heppened to me. I asked him which special character he used, and I thought about it for a moment. Then I remembered that the default 'Kill line' character used to be '@'. I told him to type his passwd at the "login:" prompt (why not, nobody could use it for much as it was) and tell me what happened. My suspicions were confirmed when I heard the screams and cursing. Moral: All characters are special; some are more special than others. ------------ Daryl Clevenger dlc@cs.cmu.edu CMU CS/RI Facilities Staff -- ----------------------------- From: "Michael R. Johnston" Subject: uugetty on Altos not behaving properly? Date: 21 Dec 88 21:30:53 GMT Keywords: uugetty cu uucp To: unix-wizards@sem.brl.mil I have an Altos 386/2000 running SYSV with BNU uucp. For my dial-in port uugetty is running. I know I should be able to dial-out with cu or uucp to another *nix box and initiate a session WITHOUT having to disable the port. Unfortunately this does not work. When I attempt to do this I usually get caught up in the "deadly embrace" where each machine attempts to login to the other. Obviously I am doing something wrong but as I look through the manual it appears that there is no real configuration for this command. Just place it in /etc/inittab and let 'er rip. I called Altos on this one and their response was that uugetty was only meant for an Altos to call another Altos running uugetty. The sad part about it was that they were serious. Can anyone explain why this doesn't work? Common configuration (?!) problems with uugetty? -- Michael R. Johnston - @NET: mikej@cpmain.uucp ...{cmcl2!phri!,uunet!}dasys1!cpmain!mikej || ...philabs!mergvax!cpmain!mikej ----------------------------- From: Andrew Koenig Subject: Re: Special chars humor (was password security) Date: 24 Dec 88 14:44:25 GMT To: unix-wizards@sem.brl.mil In article <3934@pt.cs.cmu.edu>, dlc@dlc.fac.cs.cmu.edu (Daryl Clevenger) writes: > Being relatively naive about > UNIX and not knowing its history, he picked '@' as his special character, > which /bin/passwd gladly accepted. Why is this a problem? He just has to enter `@' as `\@'. -- --Andrew Koenig ark@europa.att.com ----------------------------- From: Doug Gwyn Subject: Re: Standards Date: 24 Dec 88 19:56:35 GMT To: unix-wizards@sem.brl.mil In article <439@maxim.ERBE.SE> prc@maxim.ERBE.SE (Robert Claeson) writes: -In article <9166@smoke.BRL.MIL>, gwyn@smoke.BRL.MIL (Doug Gwyn ) writes: -> I've read quite a few DoD coding standards, data format standards, -> program documentation requirements, etc. They're generally pretty -> horrible, requiring products that I personally would consider -> inexcusably poor workmanship! -So what style do *you* use when you write code, Doug? Whatever's appropriate for the language, etc., keeping in mind the needs of future maintainers (including myself after a few months). One thing I do NOT do is provide punched-card decks and flowcharts. (DFDs and FSA diagrams, yes, flowcharts, no). ----------------------------- From: Paul De Bra Subject: Re: Special chars humor (was password security) Date: 24 Dec 88 19:03:11 GMT To: unix-wizards@sem.brl.mil In article <8598@alice.UUCP> ark@alice.UUCP (Andrew Koenig) writes: ]In article <3934@pt.cs.cmu.edu>, dlc@dlc.fac.cs.cmu.edu (Daryl Clevenger) writes: ]> Being relatively naive about ]> UNIX and not knowing its history, he picked '@' as his special character, ]> which /bin/passwd gladly accepted. ] ]Why is this a problem? He just has to enter `@' as `\@'. ]-- ] --Andrew Koenig It is a problem because of the inconsistency: the password he gave to the passwd program is NOT the password he has to type to log on. Passwd should have treated the char @ the same way login does, even if this user has a different kill-line character, because login will use the default. Paul. -- ------------------------------------------------------ |debra@research.att.com | uunet!research!debra | ------------------------------------------------------ ----------------------------- From: Paul De Bra Subject: Re: rsh environment Date: 24 Dec 88 19:19:17 GMT Keywords: To: unix-wizards@sem.brl.mil In article <14640@cisunx.UUCP> jcbst3@unix.cis.pittsburgh.edu (James C. Benz) writes: >In article <1276@uwbull.uwbln.UUCP> ckl@uwbln.UUCP (Christoph Kuenkel) writes: >>Is there any way to alter the default environment setting used when >>rsh (the bsd remote shell) executes commands? >> >>our rsh (bull sps9 with spix os) sets up an default environment >> >HUH? (cr,h,...)ackers anyone? Isn't rsh RESTRICTED shell? Anyway, >why not just set these in .profile using standard UNIX syntax ala >HOME=/usr/mydirectory;export HOME >That is, if you have permissions on .profile. >Or is YOUR UNIX *different* than mine (AT&T)? Way back in the old days before networking /bin/rsh was a "restricted" shell. Some more recent versions of Unix may still have the restricted shell for historic reasons. I don't know about System V, but BSD and 9Vr2 have abandoned the restricted shell in favor of a "remote" shell, also called rsh. (But at least on 9Vr2 it is not /bin/rsh but /usr/bin/rsh.) Paul. -- ------------------------------------------------------ |debra@research.att.com | uunet!research!debra | ------------------------------------------------------ ----------------------------- From: Arthur David Olson Subject: Re: Special chars humor (was password security) Date: 24 Dec 88 23:52:28 GMT To: unix-wizards@sem.brl.mil > > . . .[a user] picked '@'. . .which /bin/passwd gladly accepted. > Why is this a problem? [The user] just has to enter `@' as `\@'. The problem is that /bin/passwd fails to tell the user the above. -- Arthur David Olson ado@ncifcrf.gov ADO is a trademark of Ampex. ----------------------------- End of UNIX-WIZARDS Digest **************************