Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!tut.cis.ohio-state.edu!bloom-beacon!mit-eddie!uw-beaver!rice!sun-spots-request
From: gretzky@unison.larc.nasa.gov (Mitch Wright)
Newsgroups: comp.sys.sun
Subject: chfn security problem
Keywords: SunOS
Message-ID: <8903062028.AA04743@unison.larc.nasa.gov>
Date: 16 Mar 89 00:09:35 GMT
Sender: usenet@rice.edu
Organization: Sun-Spots
Lines: 9
Approved: Sun-Spots@rice.edu
Original-Date: Mon, 6 Mar 89 15:28:10 EST
X-Sun-Spots-Digest: Volume 7, Issue 201, message 10 of 15

I'm not too sure about how many people know this, but the chfn security
hole does exist in 4.0 and 4.0.1.  This was brought to my attention a few
days ago.  I had figured Sun was smart enough to have had this security
hole patched, but I was wrong.  If you would like a better explanation of
this problem, I would be more than willing to submit a more intelligent
message.

	-=>gretzky<=-
..mitch