SECURITY BUG IN INTERACTIVE UNIX SYSV386

martin.zam marz at cbnewsb.cb.att.com
Fri Mar 1 09:38:35 AEST 1991


>Sender: Marty Stewart
>Reply-To: martys at ism.isc.com
>Organization: Interactive Systems Corp., Santa Monica, CA
>Lines: 22
>
>
>	This is mail to address the suggestions that INTERACTIVE either post
>the security hole fix to the net or put it on a ftp site where it can be
>picked up by users.
>
>	Under the AT&T licensing agreement, INTERACTIVE cannot post AT&T
>code to a site where any user can pick it up.  We are under the obligation
>to make sure only AT&T licensed users receive binaries that have portions of
>AT&T code in them.  The fixes for the security hole are in os.o and as such,
>the code cannot be put in a public area.  Another reason for not posting to
>the net is that the os.o is quite large and will take up unnecessary band-
>width at sites that do not need the INTERACTIVE fix.
>
>	As an alternative to calling support, please send mail to
>martys at ism.isc.com and I will see to it that users are sent a fix as soon as
>support is given the fix.  I will need an address, the version of software
>that you are running and your 2.0.2 or 2.2 serial number.  INTERACTIVE
>apologizes for any inconveniences this may cause users.
>
>Marty C. Stewart
>Support Team Leader
>INTERACTIVE Systems Corp.
>
>
Why don't you post a list of bugs that you do have a fix for?!?! 
My luck has been about the same as everybody else's at getting things
fixed, but I would like to have a FULLY FUNCTIONAL system without
having to weed out and isolate every damn bug in this system myself.

I am no happier than the rest of the netters who have complained, I just
haven't been as vocal.  

In addition, any docs that have been updated for my release of ISC should
be made available as well.  I paid handsomely for my complete ISC license
and I think support should reflect the price I paid.  Nothing installed
and just worked!  Nothing!  Anybody out there get their mouse to work
properly with X windows without pain?  Everything was painful, and calling
for tech support is downright degrading.

Anybody got Kodak's address?

						My Opinions,
						Martin Zam
						(201)564-2554



More information about the Comp.unix.sysv386 mailing list