Should Dan post full details of his tty bugs?

Joe Konczal konczal at sunmgr.ncsl.nist.gov
Thu May 9 02:49:43 AEST 1991


   From: bill <bill at franklin.com>
   Date: 4 May 91 20:14:46 GMT

   In article <1991May3.183159.23747 at maths.tcd.ie> 
	   chogan at maths.tcd.ie (Christine Hogan) writes:
   : In <4601 at skye.ed.ac.uk> richard at aiai.ed.ac.uk (Richard Tobin) writes:
   : >For this reason I believe it would be best for Dan to post full details
   : >of the various loopholes.
   : I disagree.  I _don't_ have sources and I _do_ have lots
                  ======================		
                  ======================		
                  ======================		
   : of idle undergrads lapping up this discussion and dying
   : for all the damaging details to be posted.  Dan is doing
   : exactly the right thing for my predicament.

   You are in a fool's paradise. At least one of your undergrads is 
   smart enough to figure out what to do with the hole given the 
   clues already posted and to cover himself after using it. For as 
   long as you remain ignorant of the details, you are prevented from
   taking preventative action.

If Dan posted full details, those who don't have the source to their
operating systems would still be unable to close the loopholes, but
many other undergrads, who are not smart enough or motivated enough to
figure it out on their own, would now know how to abuse these
loopholes.

If you really need to know the details of the loopholes Dan is talking
about why don't you try to convince him to send them to you, instead
of writing yet another naive, "doesn't every SA have the OS source,
and the time and ability to fix it immediately?", message to the
network.

--
Joe Konczal
konczal at ncsl.nist.gov



More information about the Comp.unix.wizards mailing list