Re: rtm and uucp


Glen Overby (ndsuvm1!ndsuvax!ncoverby@cunyvm.cuny.edu)
13 Nov 88 23:02:46 GMT


In article <8597@rpp386.Dallas.TX.US> jfh@rpp386.Dallas.TX.US
        (John F. Haugh II) writes:
>It would be so nice if someone would undertake a security audit to
>insure that work other college students did, which *is* currently
>in production, doesn't contain any surprizes.

Why are you worried only about college students? We're not the only ones
in this world to commit crimes.

This security audit should go for any software posted to the net or
otherwise available (anon uucp, anon FTP, etc), as well as on a per-vendor
basis (who's to say that ABC computer maker didn't botch something in their
port?).

What you're prescribing is a pretty major task. I'm sure that if anybody
with Unix Sources is sufficently worried about contamination they will
perform some sort of "audit" and report the bugs back to the Keeper of the
Sorces.

Glen Overby
ncoverby@plains.nodak.edu uunet!ndsuvax!ncoverby
ncoverby@ndsuvax (Bitnet)



This archive was generated by hypermail 2.0b3 on Thu Mar 09 2000 - 14:44:30 GMT