Internet Virus: SunOS patches

Guy Harris guy at auspex.UUCP
Sun Nov 13 07:37:45 AEST 1988


>> You can argue, probably justifiably, that they [Sun] should either have turned
>> DEBUG off when building it, or at least made debug mode not have the
>> side-effect of allowing addresses other than user names in RCPT lines,
>> but you can also argue that Berkeley should have done that as well.... 
>
>  I have not seen Berkeley advertising the suitability of their work for end-
>  user or commercial applications.  Sun's does daily.

This hardly argues that it was OK for Berkeley to consciously leave that
trap door in without warning people about it.  (It also doesn't argue
that Sun should, but then I wasn't arguing that it *was* OK for Sun to
do this.  I was just pointing out that Sun didn't consciously make the
software *less* secure than it was as it came from Berkeley; the
original poster was asserting that Sun and Mt. Xinu had done precisely
that, which was simply not true.)



More information about the Comp.unix.wizards mailing list