Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10 5/3/83; site ucf-cs.UUCP
Path: utzoo!linus!wivax!decvax!harpo!floyd!vax135!ariel!hou5f!orion!houca!hogpc!houxm!hocda!spanky!burl!duke!goldfarb@ucf-cs.UUCP (Ben Goldfarb Esq.)
From: goldfarb@ucf-cs.UUCP
Newsgroups: net.unix-wizards
Subject: Re:  a thought about UNIX login security
Message-ID: <977@ucf-cs.UUCP>
Date: Thu, 23-Jun-83 00:09:19 EDT
Article-I.D.: ucf-cs.977
Posted: Thu Jun 23 00:09:19 1983
Date-Received: Fri, 24-Jun-83 20:21:02 EDT
References: <1115@rti.UUCP>
Organization: University of Central Florida
Lines: 8

If the unpassworded account that Thompson and Morris found (joe)
had uid=0 and gid=3, just like root, why did they have to go any
further?  They became superuser when they logged in as joe.

--
Ben Goldfarb
uucp:  ...!duke!ucf-cs!goldfarb
ARPA:  goldfarb.ucf-cs@Rand-Relay