Path: utzoo!yunexus!ists!mike
From: mike@ists.ists.ca (Mike Clarkson)
Newsgroups: news.admin
Subject: Re: Is uunet a security hole?
Summary: SCO Xenix bug
Keywords: uucp logins security
Message-ID: <338@ists.ists.ca>
Date: 5 Jan 89 03:38:42 GMT
Article-I.D.: ists.338
References: <10420@rpp386.Dallas.TX.US> <44465@beno.seismo.CSS.GOV> <44466@beno.seismo.CSS.GOV>
Organization: Institute for Space and Terrestrial Science
Lines: 19

In article <44466@beno.seismo.CSS.GOV>, rick@seismo.CSS.GOV (Rick Adams) writes:
> If uutry allows people without normal read access (i.e. use the access
> system call on the System file) to run uucico with debugging, then it
> is badly broken and should be fixed. The BSD uucico fixed this
> many years ago.

SCO Xenix hasn't fixed this.

At least as of 2.2.1 (last year).

(Note that rpp386 is listed as an SCO Xenix 2.2.1 site in the maps.)

Mike.

-- 
Mike Clarkson					mike@ists.UUCP
Institute for Space and Terrestrial Science	mike@ists.ists.ca
York University, North York, Ontario,		uunet!mnetor!yunexus!ists!mike
CANADA M3J 1P3					+1 (416) 736-5611