Path: utzoo!attcan!uunet!ginosko!brutus.cs.uiuc.edu!apple!bionet!ames!amelia!sun217!truesdel From: truesdel@sun217..nas.nasa.gov (David A. Truesdel) Newsgroups: comp.unix.wizards Subject: Re: sendmail/ftpd security-holes raise their ugly heads again... Message-ID: <3247@amelia.nas.nasa.gov> Date: 27 Sep 89 18:51:35 GMT References: <21@minya.UUCP> <19837@mimsy.UUCP> Sender: news@amelia.nas.nasa.gov Lines: 9 It should be noted that the mere presense of the debug mode IS NOT a security hole, the ability to address mail to an arbitrary shell (with the aid of "debug") IS. Before ragging on your unnamed vendor, you should check to see if the security hole really is present. -dave truesdell (truesdel@prandtl.nas.nasa.gov) "When in doubt, use brute force."