Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10.3 4.3bsd-beta 6/6/85; site ucbvax.BERKELEY.EDU Path: utzoo!watmath!clyde!cbosgd!ucbvax!nyu-cmcl1.arpa!TIHOR From: TIHOR@NYU-CMCL1.ARPA (Stephen Tihor) Newsgroups: mod.computers.vax Subject: Security issues Message-ID: <316648859.0345002E;1985@CMCL1.NYU.ARPA> Date: Tue, 12-Nov-85 17:18:00 EST Article-I.D.: CMCL1.316648859.0345002E;1985 Posted: Tue Nov 12 17:18:00 1985 Date-Received: Thu, 14-Nov-85 07:48:16 EST Sender: daemon@ucbvax.BERKELEY.EDU Organization: The ARPA Internet Lines: 23 Approved: info-vax@ucbvax.berkeley.edu No matter how we organize the secure INFO-VAX list it will contain people who, in a perfect world, should never be allowed with reach of computer. The Unix wizards security list contains two system crackers that I have had problems with in the last few years. Therefore you must assume that the enemy (self proclaimed) is listening. Certainly if you are going to publish anything on the list that can crash or crack open a system you should have SPR-ed it to DEC and there should be some solid reason to publish it...if its a Security problem I would rather let ignorance be DEC's ally until the next minor release gets out but if you do publish it here please include a workaround. For example I am now going to have to go and set ACL's on a bunch of logical name tables since someone has already done this I would personally prefer if they just included the code to handle the standard tables at the end of their message. I regret that DEC does not provide a service whereby we can get such patches by an at least semi-secure E-Mail channel. \\ Stephen Tihor / CIMS / NYU / 251 Mercer Street / New York, NY 10012 // (( DEC Enet: RHEA::DECWRL::"""TIHOR@NYU-CMCL1.ARPA""" NYUnet: TIHOR.CMCL1 )) // ARPAnet: Tihor@NYU-CMCL1 UUCPnet address: ...!ihnp4!cmcl2!cmcl1!tihor \\ -------