Path: utzoo!yunexus!ists!mike
From: mike@istsists.ca (Mike Clarkson)
Newsgroups: news.sysadmin
Subject: Re: wasted cycles
Message-ID: <275@istsists.ca>
Date: 30 Nov 88 00:19:50 GMT
Article-I.D.: istsists.275
References: <978@hub.ucsb.edu> <16965@agate.BERKELEY.EDU> <2661@epimass.EPI.COM>
Organization: Institute for Space and Terrestrial Science
Lines: 31

In article <2661@epimass.EPI.COM>, jbuck@epimass.EPI.COM (Joe Buck) writes:
! Something very important should be said about FSF in this regard.  The official
! copies of Gnu software are mode 777, deliberately, based on RMS's opposition
! to any notion of security.  Already, someone attempting to FTP GNU software
! managed to destroy an important file by specifying FTP arguments in the
! reverse order (he apologized profusely on one of the gnu.* lists).
! 
! It would be trivial for anyone on the Internet to install a Trojan horse
! in GNU source code and have it installed everywhere, thereby destroying
! the good names of those involved in FSF.  Sharing of information does not
! require that every file be writable by everyone who thinks he knows how
! to operate a computer; most data destruction I've seen is accidental.
! But some is deliberate, so watch out.
! 

Add to this the temptation to make movemail suid root and you have a system
with no security at all.

I have often speculated that RMS made Gnu Emacs so large to make sure
that no one would notice these two little features that lie burried in
18 Mbytes of code.  An effective way of accomplishing his real aim of
removing all system security on any machine that installs his software.

Mike.


-- 
Mike Clarkson					mike@ists.UUCP
Institute for Space and Terrestrial Science	mike@ists.yorku.ca
York University, North York, Ontario,		uunet!mnetor!yunexus!ists!mike
CANADA M3J 1P3					+1 (416) 736-5611