From: Richard Wackerbarth
To: Joakim Rastberg
Cc: security@FreeBSD.ORG
Subject: Re: crontab security hole exploit
Date: Mon, 16 Dec 1996 09:14:25 -0600

jor@xinit.se writes:

>I would rather like the exploits be posted as they can be used
>to leverage the "management" to pay attention (background: I am working as
>a contractor to run some unix-boxes and although I whine about the low
>security *nothing* happens until I can show I get a #, then someone
>perhaps pulls the plug and pays for a more secure installation. My point
>being is that many companies, at least the ones I work for, IGNORE holes
>until someone has shown them the exploit)

An interesting perspective. My attitude is that it is better to have obscurity than having the exploit readily available to a wide audience. I realize that the truly good crackers can figure it out for themselves. But there are many "children" who will try something when it is handed to them.

IMHO, we should at least give the upper hand to the sysops and, if possible, provide the fix before the attack becomes widespread.