I don't know details, though I can guess. The notification I got says that only machines with a login that takes a -f flag are vulnerable. I suspect that it's something like specifying a username of -f in the rlogin protocol or something. I do not know more yet, but am attempting to find out more. (I will not post full details before Monday or Tuesday, even if I know them.) der Mouse mouse@collatz.mcrcim.mcgill.edu