From owner-freebsd-security Mon Dec 16 13:18:43 1996
Return-Path:
Received: (from root@localhost) by freefall.freebsd.org (8.8.4/8.8.4) id NAA03592 for security-outgoing; Mon, 16 Dec 1996 13:18:43 -0800 (PST)
Received: from quackerjack.cc.vt.edu (quackerjack.cc.vt.edu [198.82.160.250]) by freefall.freebsd.org (8.8.4/8.8.4) with ESMTP id NAA03586 for ; Mon, 16 Dec 1996 13:18:38 -0800 (PST)
Received: from sable.cc.vt.edu (sable.cc.vt.edu [128.173.16.30]) by quackerjack.cc.vt.edu (8.7.1/8.7.1) with SMTP id QAA16899; Mon, 16 Dec 1996 16:18:33 -0500 (EST)
Received: from alsatian.cslab.vt.edu (alsatian.cslab.vt.edu [198.82.184.11]) by sable.cc.vt.edu (8.6.12/8.6.12) with SMTP id QAA24434; Mon, 16 Dec 1996 16:18:32 -0500
Received: from husky.cslab.vt.edu by alsatian.cslab.vt.edu (5.65v3.2/1.1.10.5/18Sep96-0417PM) id AA18667; Mon, 16 Dec 1996 16:18:31 -0500
From: Jeff Aitken
Received: by husky.cslab.vt.edu (5.65v3.2/1.1.10.5/22Aug96-1216PM) id AA00715; Mon, 16 Dec 1996 16:18:25 -0500
Message-Id: <9612162118.AA00715@husky.cslab.vt.edu>
Subject: Re: crontab security hole exploit
To: rkw@dataplex.net (Richard Wackerbarth)
Date: Mon, 16 Dec 1996 16:18:25 -0500 (EST)
Cc: jor@xinit.se, security@freebsd.org
In-Reply-To: from "Richard Wackerbarth" at Dec 16, 96 09:14:25 am
X-Mailer: ELM [version 2.4 PL25]
Content-Type: text
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Richard Wackerbarth writes:
>
> My attitude is that it is better to have obscurity than having the exploit
> readily available to a wide audience. I realize that the truly good
> crackers can figure it out for themself. But there are many "children" who
> will try something when it is handed to them. IMHO, we should at least give
> the upper hand to the sysops and, if possible, provide the fix before the
> attack becomes widespread.

Seeing as how the original message had *already* been posted to bugtraq AND BoS, the exploit was *already* in the hands of thousands of (potentially evil-minded) people.

--Jeff