Path: utzoo!utgpu!watmath!clyde!att!ucbvax!ucsd!orion.cf.uci.edu!paris.ics.uci.edu!nagel From: nagel@bonnie.ics.uci.edu (Mark Nagel) Newsgroups: news.admin Subject: Re: Dangerous hole in Usenet! Message-ID: <993@paris.ics.uci.edu> Date: 29 Nov 88 00:47:02 GMT References: <1227@vsi1.UUCP> <117@hudson.Morgan.COM> <1988Nov27.162018.22115@ateng.ateng.com> Sender: news@paris.ics.uci.edu Reply-To: nagel@bonnie.ics.uci.edu (Mark Nagel) Organization: University of California, Irvine - Dept of ICS Lines: 12 In-reply-to: chip@ateng.ateng.com (Chip Salzenberg) In article <1988Nov27.162018.22115@ateng.ateng.com>, chip@ateng (Chip Salzenberg) writes: | |On the other hand, it wouldn't take much to make it safe -- such as, put a |halt to all shell scripts that make references to absolute pathnames. Except the example I recently saw in another group: ../../../../../../etc/passwd (you get the idea). Mark Nagel nagel@ics.uci.edu nagel@ucivax.UUCP