I'd like to get this IRIX thing under control. I've been talking to the people at SGI and they are definitely aware of all this traffic and are, as I type this, working on getting this whole issue settled. First of all, I'm sending this to everyone that max@gac.edu sent his wrapper program to, but I'd like it to settle into only the correct newsgroups. This isn't a firewalls issue, so I think this letter should probably be the last message to firewalls on this subject. I'm guessing bugtraq is the best place to post this to, so I'd like to recommend that all followups go to bugtraq, and people can subscribe to it themselves (mail to bugtraq-request@cns.cscns.com, in the text part of the message say subscribe bugtraq). CIAC plans to soon put out a bulletin about this vulnerability. Until then, the best recommendation I can give is to stand by SGI's recommendation, and wait for SGI's response. This way you have a proven, vendor-tested, vendor-endorsed workaround in the meantime. I really do appreciate Max's efforts to quickly develop an alternative to SGI's solution. Since it came out as quickly as it did, I'm unsure that this wrapper has been tested sufficiently to recommend to the world at large to install it. Karyn Pichnarczyk CIAC Team