Path: utzoo!utgpu!attcan!uunet!lll-winken!ames!mailrus!tut.cis.ohio-state.edu!rutgers!bellcore!texbell!killer!rpp386!jfh
From: jfh@rpp386.Dallas.TX.US (John F. Haugh II)
Newsgroups: comp.unix.wizards
Subject: Re: UNIX security and passwords
Summary: All the world is not connected to USENET
Message-ID: <11215@rpp386.Dallas.TX.US>
Date: 17 Jan 89 23:55:05 GMT
References: <23731@pprg.unm.edu> <14@minya.UUCP>
Reply-To: jfh@rpp386.Dallas.TX.US (John F. Haugh II)
Organization: River Parishes Programming, Dallas TX
Lines: 18

In article <14@minya.UUCP> jc@minya.UUCP (John Chambers) writes:
>                                                         There should be
>an explicit example showing how to exploit this bug.

NO!  Not until the FIX has had a chance to work its way out to the
masses.

Too many systems are sitting out there with assinine vendors not
supplying bug-fixed software to their customers to let loose a real
security killer on the unsuspecting masses.

Post the fix, wait several months, then post a complete write-up.
Anything less is irresponsible.
-- 
John F. Haugh II                        +-Quote of the Week:-------------------
VoiceNet: (214) 250-3311   Data: -6272  |"UNIX doesn't have bugs,
InterNet: jfh@rpp386.Dallas.TX.US       |         UNIX is a bug."
UucpNet : <backbone>!killer!rpp386!jfh  +--------------------------------------