SECURITY BUG IN INTERACTIVE UNIX SYSV386
Sean Eric Fagan
sef at kithrup.COM
Fri Feb 15 18:44:04 AEST 1991
In article <6027 at unix386.Convergent.COM> mburg at unix386.Convergent.COM (Mike Burg) writes:
>I think the blame should be placed on AT&T. They are the
>ones who are (were) shipping the base source with the bug. Most AT&T UNIX
>vendors typically only concentrate on adding more options to the system
>(i.e. X-Windows, more controller card support, networking). They usually
>don't looking into rats mazes like memory managment.
On the other hand, the three companies involved in porting SysVr3.2 to the
'386 were (to the best of my knowledge, mind you) AT&T, Intel, and ISC.
Although I will not name names, I will comment that someone whose opinion I
respect very much has laid the blame on intel for this. That is hearsay,
though, so take it with a grain of salt.
>You'd be expecting for AT&T to ship a somewhat "secure" (if
>you can call it that) product, without serious holes like this one. Logical
>conculsion - concentrate on value and price.
Someone commented that AT&T fixed it in their 3.2.1 product; should I take
this discussion to alt.conspiracy? 8-) 8-) 8-)
--
Sean Eric Fagan | "I made the universe, but please don't blame me for it;
sef at kithrup.COM | I had a bellyache at the time."
-----------------+ -- The Turtle (Stephen King, _It_)
Any opinions expressed are my own, and generally unpopular with others.
More information about the Comp.unix.sysv386
mailing list