Xref: utzoo comp.unix.wizards:13322 news.admin:4250 news.sysadmin:1902
Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!mailrus!ames!lll-tis!helios.ee.lbl.gov!nosc!logicon.arpa!Makey
From: Makey@LOGICON.ARPA (Jeff Makey)
Newsgroups: comp.unix.wizards,news.admin,news.sysadmin
Subject: Re: unshar business
Message-ID: <232@logicon.arpa>
Date: 9 Dec 88 19:35:29 GMT
References: <209@bridge2.3Com.Com> <210@bridge2.3Com.Com>
Organization: Logicon, Inc., San Diego, CA
Lines: 27

In article <210@bridge2.3Com.Com> mbt@bridge2.3Com.com (Brad Turner) writes:
>Before ya flame me telling me how my previous posting wasn't
>safe since I choose to use sh, let me include that the script is run
>su mapdaemon which has only the privileges of a normal user on the system.
>Furthermore output is mailed to the sysadmin at the end of each run.
>
>I figure this is a pretty safe compromise between prudence and paranoia.

Some people just don't pay attention, do they?  Remember: the Internet
virus used only the privileges of a "normal" UNIX user to do its dirty
work.  Brad's lex + sh method of unsharing UUCP maps is a very
*unsafe* compromise between prudence and paranoia.  In other words,
his plan is very prudent, but not very paranoid.

Mailing the output to the sysadmin (who, we foolishly presume, knows
enough to recognize nasties) has all the effectiveness of closing the
barn door after the horse is gone.

I haven't had a chance to look carefully at Cathy Segedy's C program,
but there's no question that such an approach is the most efficient (in
terms of machine resources) and safest method of unsharing map files.

                           :: Jeff Makey

Department of Tautological Pleonasms and Superfluous Redundancies Department
    Disclaimer: Logicon doesn't even know we're running news.
    Internet: Makey@LOGICON.ARPA    UUCP: {nosc,ucsd}!logicon.arpa!Makey
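
Added example, not part of the original post and not Cathy Segedy's program: a small C extractor showing what makes the non-sh approach safe, namely that the archive is parsed as data and no line of it is ever executed. The archive shape (a `cat << 'MARK' > 'name'` header, data lines, then `MARK`), the names `unshar` and `safe_name`, and the sample text are assumptions constructed for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
/* Constructed sample in the ASSUMED archive shape: cat << 'MARK' > 'name',
 * data lines, then MARK alone on a line. Not taken from the post. */
static const char SAMPLE[] =
    "cat << 'SHAR_EOF' > 'u.usa.ca.1'\n#N example\nSHAR_EOF\n"
    "touch /tmp/would-have-run\n"            /* sh would execute this line */
    "cat << 'SHAR_EOF' > 'u.usa.ca.2'\n#N other\nSHAR_EOF\n";

/* Plain names only: no '/', no leading '.', nothing outside [A-Za-z0-9._-]. */
static int safe_name(const char *s)
{
    if (*s == '\0' || *s == '.') return 0;
    for (; *s; s++)
        if (!isalnum((unsigned char)*s) && !strchr("._-", *s)) return 0;
    return 1;
}

/* Extract archive text into outdir (NULL = validate only). Returns the number
 * of files, or -1 if the archive is rejected. No line is ever executed. */
int unshar(const char *p, const char *outdir)
{
    char mark[32], name[65], path[512];
    const char *eol;
    int count = 0;
    for (; (eol = strchr(p, '\n')) != NULL; p = eol + 1) {
        int end = -1, closed = 0;
        FILE *out = NULL;
        if (sscanf(p, "cat << '%31[^'\n]' > '%64[^'\n]'%n", mark, name, &end) != 2
            || end < 0 || p + end != eol)
            continue;                        /* not a file header: skip it */
        if (!safe_name(name)) return -1;     /* e.g. '../x' or '/etc/x' */
        if (outdir && ((size_t)snprintf(path, sizeof path, "%s/%s", outdir, name)
                       >= sizeof path || !(out = fopen(path, "w"))))
            return -1;
        size_t mlen = strlen(mark);
        for (p = eol + 1; !closed && (eol = strchr(p, '\n')) != NULL; p = eol + 1) {
            if ((size_t)(eol - p) == mlen && !strncmp(p, mark, mlen)) closed = 1;
            else if (out) fwrite(p, 1, (size_t)(eol - p) + 1, out);
        }
        if (out) fclose(out);
        if (!closed) return -1;              /* truncated archive */
        count++;
    }
    return count;
}
int main(void) { printf("files: %d\n", unshar(SAMPLE, NULL)); return 0; }
```

Calling it once with `outdir` set to NULL rejects a bad archive before any file is written; `outdir` itself is assumed to be a private directory that contains no symlinks planted by someone else.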