Xref: utzoo comp.unix.wizards:13322 news.admin:4250 news.sysadmin:1902 Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!mailrus!ames!lll-tis!helios.ee.lbl.gov!nosc!logicon.arpa!Makey From: Makey@LOGICON.ARPA (Jeff Makey) Newsgroups: comp.unix.wizards,news.admin,news.sysadmin Subject: Re: unshar business Message-ID: <232@logicon.arpa> Date: 9 Dec 88 19:35:29 GMT References: <209@bridge2.3Com.Com> <210@bridge2.3Com.Com> Organization: Logicon, Inc., San Diego, CA Lines: 27 In article <210@bridge2.3Com.Com> mbt@bridge2.3Com.com (Brad Turner) writes: >Before ya flame me telling me how my previous posting wasn't >safe since I choose to use sh, let me include that the script is run >su mapdaemon which has only the priviledges of a normal user on the system. >Futher more output is mailed to the sysadmin at the end of each run. > >I figure this is a pretty safe compromise between prudence and paranoia. Some people just don't pay attention, do they? Remember: the Internet virus used only the privileges of a "normal" UNIX user to do its dirty work. Brad's lex + sh method of unsharing UUCP maps is a very *unsafe* compromise between prudence and paranoia. In other words, his plan is very prudent, but not very paranoid. Mailing the output to the sysadmin (who, we foolishly presume, knows enough to recognize nasties) has all the effectiveness of closing the barn door after the horse is gone. I haven't had a chance to look carefully at Cathy Segedy's C program, but there's no question that such an approach is the most efficent (in terms of machine resources) and safest method of unsharing map files. :: Jeff Makey Department of Tautological Pleonasms and Superfluous Redundancies Department Disclaimer: Logicon doesn't even know we're running news. Internet: Makey@LOGICON.ARPA UUCP: {nosc,ucsd}!logicon.arpa!Makey