Re: Hey the crackers have a new twist 8-(.

Sean McLinden (sean+@andrew.cmu.edu)
Sat, 26 Mar 1994 13:34:40 -0500 (EST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Brent Chapman: "Re: Hey the crackers have a new twist 8-(."
Previous message: John P. Rouillard: "Hey the crackers have a new twist 8-(."
In reply to: John P. Rouillard: "Hey the crackers have a new twist 8-(."
Next in thread: Brent Chapman: "Re: Hey the crackers have a new twist 8-(."

[Description of mailing a script to a shell on sendmail-based systems deleted.]

This "sort of attack" was the basis for the Morris Internet Worm which
attracted (inter)national attention a few years back (I always preferred
the term "Trojan Horse") This "feature" of sendmail and some other
Unix-based mailers was well documented and, frankly, I am astounded that
any person who collected a paycheck as a security officer for Unix
systems would not know about this. In fact, one of the ironies of the
Morris incident was that Morris used a feature which was actually well
known in the Unix community and for which the security implications were
also well known.

Sean McLinden

Next message: Brent Chapman: "Re: Hey the crackers have a new twist 8-(."
Previous message: John P. Rouillard: "Hey the crackers have a new twist 8-(."
In reply to: John P. Rouillard: "Hey the crackers have a new twist 8-(."
Next in thread: Brent Chapman: "Re: Hey the crackers have a new twist 8-(."