Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2 9/18/84; site brl-tgr.ARPA
Path: utzoo!watmath!clyde!cbosgd!cbdkc1!desoto!cord!hudson!ihnp1!ihnp4!zehntel!dual!amd!pesnta!hplabs!hao!seismo!brl-tgr!gwyn
From: gwyn@brl-tgr.ARPA (Doug Gwyn )
Newsgroups: net.unix-wizards,net.rumor
Subject: Re: Unix (In)Security
Message-ID: <6341@brl-tgr.ARPA>
Date: Tue, 11-Dec-84 00:13:41 EST
Article-I.D.: brl-tgr.6341
Posted: Tue Dec 11 00:13:41 1984
Date-Received: Fri, 7-Dec-84 05:39:42 EST
References: <141@sask.UUCP>
Organization: Ballistic Research Lab
Lines: 19
Xref: watmath net.unix-wizards:10807 net.rumor:577

> kindly send me the name of the person at Purdue that made that statement?

George Goble

> So what kind of flaw exist in Unix?

Same as in any substantial time-sharing system, plus its own brand due to
loopholes in the kernel implementation (every OS I have ever seen has had
these).  Most of the ones you hear rumors about in the media are well
known to UNIX old-timers and have been fixed long ago in their systems.
Many of these fixes eventually make it back into some UNIX "product".

See the latest BLTJ article by Morris et al. for several general methods.

> Maybe this is not the place to discuss such security issues

Probably not net.rumor, but in general you are better off hearing about
them along with everybody else than being ignorant while some antisocial
nerd breaks in and ruins your corporate files, or worse.