Implications of recent virus (Trojan Horse) attack
Root Boy Jim
rbj at nav.icst.nbs.gov
Tue Nov 15 06:54:08 AEST 1988
Doug,
Sometime awhile back (this spring, summer?), I remember someone's
comment regarding which sources contained the routine `gets', the routine
used to subvert fingerd. I recall you thanking the poster and stating
your intention to eradicate it from your System V emulation code.
I applaud you for your foresight, sharing your distaste for this beast.
You may very well have saved yourself from one prong of the fork.
I can imagine you crusading against gets() in both the C and POSIX
standards and I hope you have had success in that area. I would go
so far as to suggest that everyone remove this routine from libc.a
and place it in a separate library available only upon special request
for binary applications only, after filling out numerous forms.
I can see it now, a paper entitled `Local Variables Considered Harmful'.
(Root Boy) Jim Cottrell (301) 975-5688
<rbj at nav.icst.nbs.gov> or <rbj at icst-cmr.arpa>
Careful with that VAX Eugene!
More information about the Comp.unix.wizards
mailing list