Path: utzoo!mnetor!uunet!husc6!cmcl2!brl-adm!umd5!mimsy!aplcen!osiris!mjr
From: mjr@osiris.UUCP (Marcus J. Ranum)
Newsgroups: comp.misc
Subject: Re: Trojan Horse a Myth?
Message-ID: <1479@osiris.UUCP>
Date: 12 Dec 87 17:15:44 GMT
References: <459@gtx.com> <405@tardis.cc.umich.edu> <8192@ism780c.UUCP>
Organization: Institute For Felinographical Studies
Lines: 25
Summary: VMS older version.


	The older versions of VAX/VMS4.XX had a serious bug in the access
control lists. Initially it defaulted to no ACL would allow anyone to create
one. It was then easy to put an ACL on the system logical name table with
the user's name having write permission. 

	The unscrupulous user could have then set SYSDEVICES SYSLOGIN to use
something other than the "default" system LOGIN.COM, which could do just 
about anything. We never did that, however we notified our system admin, and
when they didn't believe us, deassigned the whole table. The trick of
making one's own SYSLOGIN.COM would, I suppose, be a sort of trojan horse. 

	Another VAX virus I heard about was a friend of mine who had a system
that would not boot normally no matter what. A disgruntled former employee had
written a program that was spawned really quietly at boot time and would romp
through the process table killing everything except itself as fast as it could.
It wasn't hard to fix - (boot off of a spare pack) but it was a bit hard to
initially diagnose, I gather.

--mjr();
-- 
Once, there was NO fun... 
This was before MENU planning, FASHION statements or NAUTILUS equipment...
Then, in 1985..  FUN was completely encoded in this tiny MICROCHIP...  
It contains 14,768 vaguely amusing SIT-COM pilots!!