Path: utzoo!attcan!uunet!mcvax!ukc!mucs!els!dente
From: dente@els.uucp (Colin Dente)
Newsgroups: comp.sys.apollo
Subject: Re: security hole
Message-ID: <6452@ux.cs.man.ac.uk>
Date: 11 Aug 89 16:35:03 GMT
References: <44e9d7d4.c4b0@apollo.HP.COM>
Sender: news@ux.cs.man.ac.uk
Reply-To: dente@els.ee.man.ac.uk (Colin Dente)
Organization: University of Manchester, UK
Lines: 34

In article <44e9d7d4.c4b0@apollo.HP.COM> dawson@apollo.HP.COM (Keith Dawson) writes:
>In a recent posting Peter Lipp [plipp@tugiig.uucp] details a
> >  Possible Security Problem with DOMAIN-OS and the Display-Manager

>[Gives patch numbers for 9.7 and 10.1]

>These patches can be applied to /lib/streams on any version of SR9.7
>and SR10.1, including the versions that support Domain/X11. Please
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

Well, I 'phoned my local support office, and they told me that the
release notes for the 9.7 patch (they haven't got the 10.1 patch yet)
state that it should *not* be applied if you are running Domain/X11.
Naturally, I was a bit miffed at this - so I 'phoned Keith to see what
he had to say.  He seemed to think that the patch was, infact, more
than one patch in one bundle, and if I applied just the /lib/streams
part, I'd be okay.  Anyway, I'm waiting for a floppy to land on my
doormat with the patch on it, and when it does, I'll try it and let
you know.  Just thought I'd try to clear the confusion in the
meantime.

>We regret the broad dissemination of detailed instructions for exploiting
>a security hole.
So do I...... |-(

Colin

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
| Colin Dente                      | JANET: dente@uk.ac.man.ee.els            |
| Dept. of Electrical Engineering  | ARPA:  dente@els.ee.man.ac.uk            |
| University of Manchester         | UUCP:  ...!mcvax!ukc!man.ee.els!dente    |
| England                          | These might work now, but then again...  |
|-----------------------------------------------------------------------------|
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=