Aucbvax.3072 fa.unix-wizards utzoo!decvax!ucbvax!unix-wizards Fri Sep 11 00:10:27 1981 security holes in mail >From decvax!duke!unc!smb@Berkeley Fri Sep 11 00:03:32 1981 In-real-life: Steven M. Bellovin Location: University of North Carolina at Chapel Hill ucbmail would seem to have several security holes regarding people who mail to pipes or files over a network. delivermail will blithely open files, invoke csh, etc., running as whoever invoked it. If that's a network server -- well, it's too bad, isn't it.... ----------------------------------------------------------------- gopher://quux.org/ conversion by John Goerzen of http://communication.ucsd.edu/A-News/ This Usenet Oldnews Archive article may be copied and distributed freely, provided: 1. There is no money collected for the text(s) of the articles. 2. The following notice remains appended to each copy: The Usenet Oldnews Archive: Compilation Copyright (C) 1981, 1996 Bruce Jones, Henry Spencer, David Wiseman.