Warning From uucp

Hermes Trisgesmis uucp at att.att.com
Mon Dec 26 23:51:49 AEST 1988


We have been unable to contact machine 'wa015b' since you queued your job.

	wa015b!mail james   (Date 12/25)
The job will be deleted in several days if the problem is not corrected.
If you care to kill the job, execute the following command:

	uustat -kwa015bN49e4

	Sincerely,
	att!uucp

#############################################
##### Data File: ############################
>From arpa!VM1.NoDak.EDU!BRL.MIL!UNIX-WIZARDS  Sun Dec 25 03:45:38 1988 remote from att
Received: by att.ATT.COM (smail2.6  att-mt)
	id AA22485; 25 Dec 88 03:45:38 EST (Sun)
Received: from NDSUVM1.BITNET by VM1.NoDak.EDU (IBM VM SMTP R1.2) with BSMTP id 6093; Sun, 25 Dec 88 02:45:03 CST
Received: by NDSUVM1 (Mailer X1.25) id 6091; Sun, 25 Dec 88 02:45:01 CST
Date:         Sun, 25 Dec 88 02:45:20 EST
Reply-To:     UNIX-WIZARDS%BRL.MIL at VM1.NoDak.EDU
Sender:       Unix-Wizards Mailing List <UNIX-WIZ at VM1.NoDak.EDU>
From:         Mike Muuss The Moderator <Unix-Wizards-Request%BRL.MIL at VM1.NoDak.EDU>
Subject:      UNIX-WIZARDS Digest  V6#059
X-To:         UNIX-WIZARDS at BRL.MIL
To:           James Anderson <wa015b!james at ATT.ATT.COM>

UNIX-WIZARDS Digest          Sun, 25 Dec 1988              V6#059

Today's Topics:
            Re: Special chars humor (was password security)
                uugetty on Altos not behaving properly?
            Re: Special chars humor (was password security)
                             Re: Standards
            Re: Special chars humor (was password security)
                          Re: rsh environment
            Re: Special chars humor (was password security)

-----------------------------------------------------------------

From: Daryl Clevenger <dlc at dlc.fac.cs.cmu.edu>
Subject: Re: Special chars humor (was password security)
Date: 24 Dec 88 08:38:22 GMT
To:       unix-wizards at sem.brl.mil

In article <8594 at alice.UUCP> debra at alice.UUCP () writes:
>Requiring the use of a non-alphanumeric character is not at all sufficient.
>Many people react to this by just putting a special character (usually ".")
>in front of their old password...
>

(This post is just a humorous interjection, not a comment one way or the
 other.  It does illustrate yet another example of a program that missed
 a boundry case.)

A friend of mine that used to work for a research project here at CMU had an
interesting thing happen to him related to this.  His group had a few HP
Bobcats running HP/UX and he was given an account on them.  Upon logging
in the first time, he was asked to change his password and required him
to use at least one non-alphanumeric character (I don't know if it cared
where it was put into the password string).  Being relatively naive about
UNIX and not knowing its history, he picked '@' as his special character,
which /bin/passwd gladly accepted.

Guess what happened the next time he tried to login?  The system kept printing
"Login incorrect" and he was certain he was using the right passwd.  Finally,
he called me up and related what had heppened to me.  I asked him which
special character he used, and I thought about it for a moment.  Then I
remembered that the default 'Kill line' character used to be '@'.  I told him
to type his passwd at the "login:" prompt (why not, nobody could use it for
much as it was) and tell me what happened.  My suspicions were confirmed
when I heard the screams and cursing.

Moral:  All characters are special; some are more special than others.

 ------------
Daryl Clevenger                dlc at cs.cmu.edu
CMU CS/RI Facilities Staff
--

-----------------------------

From: "Michael R. Johnston" <mikej at cpmain.uucp>
Subject: uugetty on Altos not behaving properly?
Date: 21 Dec 88 21:30:53 GMT
Keywords: uugetty cu uucp
To:       unix-wizards at sem.brl.mil

I have an Altos 386/2000 running SYSV with BNU uucp. For my dial-in port
uugetty is running. I know I should be able to dial-out with cu or uucp
to another *nix box and initiate a session WITHOUT having to disable the
port. Unfortunately this does not work. When I attempt to do this
I usually get caught up in the "deadly embrace" where each machine attempts
to login to the other.

Obviously I am doing something wrong but as I look through the manual it
appears that there is no real configuration for this command. Just place it
in /etc/inittab and let 'er rip.

I called Altos on this one and their response was that uugetty was only meant
for an Altos to call another Altos running uugetty. The sad part about it
was that they were serious.

Can anyone explain why this doesn't work? Common configuration (?!) problems
with uugetty?

--
                Michael R. Johnston - @NET: mikej at cpmain.uucp
 ...{cmcl2!phri!,uunet!}dasys1!cpmain!mikej || ...philabs!mergvax!cpmain!mikej

-----------------------------

From: Andrew Koenig <ark at alice.uucp>
Subject: Re: Special chars humor (was password security)
Date: 24 Dec 88 14:44:25 GMT
To:       unix-wizards at sem.brl.mil

In article <3934 at pt.cs.cmu.edu>, dlc at dlc.fac.cs.cmu.edu (Daryl Clevenger)
 writes:
> Being relatively naive about
> UNIX and not knowing its history, he picked '@' as his special character,
> which /bin/passwd gladly accepted.

Why is this a problem?  He just has to enter `@' as `\@'.
--
                --Andrew Koenig
                  ark at europa.att.com

-----------------------------

From: Doug Gwyn  <gwyn at smoke.brl.mil>
Subject: Re: Standards
Date: 24 Dec 88 19:56:35 GMT
To:       unix-wizards at sem.brl.mil

In article <439 at maxim.ERBE.SE> prc at maxim.ERBE.SE (Robert Claeson) writes:
-In article <9166 at smoke.BRL.MIL>, gwyn at smoke.BRL.MIL (Doug Gwyn ) writes:
-> I've read quite a few DoD coding standards, data format standards,
-> program documentation requirements, etc.  They're generally pretty
-> horrible, requiring products that I personally would consider
-> inexcusably poor workmanship!
-So what style do *you* use when you write code, Doug?

Whatever's appropriate for the language, etc., keeping in mind the
needs of future maintainers (including myself after a few months).

One thing I do NOT do is provide punched-card decks and flowcharts.
(DFDs and FSA diagrams, yes, flowcharts, no).

-----------------------------

From: Paul De Bra <debra at alice.uucp>
Subject: Re: Special chars humor (was password security)
Date: 24 Dec 88 19:03:11 GMT
To:       unix-wizards at sem.brl.mil

In article <8598 at alice.UUCP> ark at alice.UUCP (Andrew Koenig) writes:
]In article <3934 at pt.cs.cmu.edu>, dlc at dlc.fac.cs.cmu.edu (Daryl Clevenger)
 writes:
]> Being relatively naive about
]> UNIX and not knowing its history, he picked '@' as his special character,
]> which /bin/passwd gladly accepted.
]
]Why is this a problem?  He just has to enter `@' as `\@'.
]--
]                --Andrew Koenig

It is a problem because of the inconsistency: the password he gave to the
passwd program is NOT the password he has to type to log on.

Passwd should have treated the char @ the same way login does, even if this
user has a different kill-line character, because login will use the default.

Paul.
--
 ------------------------------------------------------
|debra at research.att.com   | uunet!research!debra     |
 ------------------------------------------------------

-----------------------------

From: Paul De Bra <debra at alice.uucp>
Subject: Re: rsh environment
Date: 24 Dec 88 19:19:17 GMT
Keywords:
To:       unix-wizards at sem.brl.mil

In article <14640 at cisunx.UUCP> jcbst3 at unix.cis.pittsburgh.edu (James C. Benz)
 writes:
>In article <1276 at uwbull.uwbln.UUCP> ckl at uwbln.UUCP (Christoph Kuenkel) writes:
>>Is there any way to alter the default environment setting used when
>>rsh (the bsd remote shell) executes commands?
>>
>>our rsh (bull sps9 with spix os) sets up an default environment
>>
>HUH?  (cr,h,...)ackers anyone?  Isn't rsh RESTRICTED shell?  Anyway,
>why not just set these in .profile using standard UNIX syntax ala
>HOME=/usr/mydirectory;export HOME
>That is, if you have permissions on .profile.
>Or is YOUR UNIX *different* than mine (AT&T)?

Way back in the old days before networking /bin/rsh was a "restricted"
shell. Some more recent versions of Unix may still have the restricted
shell for historic reasons.

I don't know about System V, but BSD and 9Vr2 have abandoned the restricted
shell in favor of a "remote" shell, also called rsh. (But at least on 9Vr2
it is not /bin/rsh but /usr/bin/rsh.)

Paul.
--
 ------------------------------------------------------
|debra at research.att.com   | uunet!research!debra     |
 ------------------------------------------------------

-----------------------------

From: Arthur David Olson <ado at elsie.uucp>
Subject: Re: Special chars humor (was password security)
Date: 24 Dec 88 23:52:28 GMT
To:       unix-wizards at sem.brl.mil

> > . . .[a user] picked '@'. . .which /bin/passwd gladly accepted.

> Why is this a problem?  [The user] just has to enter `@' as `\@'.

The problem is that /bin/passwd fails to tell the user the above.
--
    Arthur David Olson    ado at ncifcrf.gov    ADO is a trademark of Ampex.

-----------------------------


End of UNIX-WIZARDS Digest
**************************



More information about the Comp.unix.wizards mailing list