3b1 security and removal of ua

Chris Lewis clewis at ferret.ocunix.on.ca
Fri Apr 12 09:09:14 AEST 1991

In article <927 at jonlab.UUCP> jon at jonlab.UUCP (Jon H. LaBadie) writes:

>The recent discussion of security on the 3B1 (is that an oxymoron?)
>caused me to recall that I've never seen this particular hole posted.

It's worse than that - if you send mail to the root user, the user
on the console can break into root using the mail icon....

No compiler neccessary.

Chris Lewis, Phone: (613) 832-0541, Internet: clewis at ferret.ocunix.on.ca
UUCP: uunet!mitel!cunews!latour!ecicrl!clewis; Ferret Mailing List:
ferret-request at eci386; Psroff (not Adobe Transcript) enquiries:
psroff-request at eci386 or Canada 416-832-0541.  Psroff 3.0 in c.s.u soon!

More information about the Comp.sys.3b1 mailing list