a holiday gift from Robert "wormer" Morris


Steve Elias (spdcc!eli@bloom-beacon.mit.edu)
6 Nov 88 16:51:15 GMT


"Wormer" Morris has quite a career ahead of him, i'll bet.
he has done us all a favor by benevolently bashing bsd 'security'.

the smtp/sendmail security hole that he exploited was big enough to
drive the Whirlwhind computer through -- never mind a few
thousand Suns & bsd vaxes.

the hole was so obvious that i surmise that Morris
was not the only one to discover it. perhaps other less
reproductively minded arpanetters have been having a field
'day' ever since this bsd release happened.

some of the more security minded folk out there might have
archived ps records which could indicate the presence of
spurious shells spawned from smtp. depending on how long
Mr. Morris used the security hole, he may be very well qualified
to tell all whether he saw signs of other creative use of the
sendmail security gift.

in at least one sense, Morris has done a service for the internet.
nobody will be able to continue to "benefit" from the bsd/sysV
sendmail -- which was the true trojan horse.

--

harvard!spdcc!eli



This archive was generated by hypermail 2.0b3 on Thu Mar 09 2000 - 14:44:29 GMT