Re: a holiday gift from Robert "wormer" Morris


Jim Hutchison (net1!hutch@ucsd.edu)
10 Nov 88 00:00:37 GMT


In <11226@cgl.ucsf.EDU> > seibel@hegel.mmwb.ucsf.edu.UUCP (George Seibel) writes:
> [...] If that's
>the way people want it, then let's be up front and print a warning on
>each copy of system software that ships: "Congratulations! You just
>bought a fine copy of Unix. Don't keep any files you care about on it."

You would prefer VMS where you can read the documentation to find out how
to break security? Or how about a system with no features?

If you boadcast a bug, and its fix/patch, you take responsibility for that
patch. You also risk letting loose all sorts of mayhem on systems where
the system manager is lazy or on vacation. Binary sites are particularly
limited in the number of fixes they can apply. So out go the fixes quietly,
and perhaps only locally. Here we are.

Do you have a good answer, or are you just going to indulge yourself in
a good screaming fit?

>If we have security holes on our machines that are well known, and we
>do nothing to patch those holes, we are asking for trouble.

True. But not real. Many people spend a great part of their waking
hours monitoring and fixing the system, locally and for others. Don't
be viscious and ignore their hard work.

>George Seibel
/* Jim Hutchison UUCP: {dcdwest,ucbvax}!cs!net1!hutch
                                ARPA: JHutchison@ucsd.edu
     These are my opinions, and now you have your perceptions of them. */



This archive was generated by hypermail 2.0b3 on Thu Mar 09 2000 - 14:44:30 GMT