Date: Mon, 16 Dec 1996 16:18:25 -0500 (EST) From: Jeff Aitken <jaitken@cslab.vt.edu> To: rkw@dataplex.net (Richard Wackerbarth) Cc: jor@xinit.se, security@freebsd.org Subject: Re: crontab security hole exploit Message-ID: <9612162118.AA00715@husky.cslab.vt.edu> In-Reply-To: <l03010d00aedb15f6a17f@[208.2.87.4]> from "Richard Wackerbarth" at Dec 16, 96 09:14:25 am
next in thread | previous in thread | raw e-mail | index | archive | help
Richard Wackerbarth writes: > > My attitude is that it is better to have obscurity than having the exploit > readily available to a wide audience. I realize that the truly good > crackers can figure it out for themself. But there are many "children" who > will try something when it is handed to them. IMHO, we should at least give > the upper hand to the sysops and, if possible, provide the fix before the > attack becomes widespread. Seeing as how the original message had *already* been posted to bugtraq AND BoS, the exploit was *already* in the hands of thousands of (potentially evil-minded) people. --Jeff
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9612162118.AA00715>