[TUHS] Cool talk on Unix and Sendmail history, by Eric Allman
Norman Wilson
norman at oclsc.org
Mon Jul 31 04:22:55 AEST 2023
Doug McIlroy:
This reminds me of how I agonized over Mike Lesk's refusal to remove
remote execution from uucp.
====
Uux, the remote-execution mechanism I remember from uucp, had
rather better utility than the famous Sendmail back-door: it
was how uucp carried mail, by sending a file to be handed to
mailer on the remote system. It was clearly dangerous if
the remote site accepted any command, but as shipped in V7
only a short list of remote commands was allowed: mail rmail
lpr opr fsend fget. (As uucp was used to carry other things
like netnews, the list was later extended by individual sites,
and eventually moved to a file so reconfiguration needn't
recapitulate compilation).
Not the safest of mechanisms, but at least in V7 it had a use
other than Mike fixing your system for you.
Is there some additional history here? e.g. was the list of
permitted commands added after arguments about safety, or
some magic command that let Mike in removed? Or was there a
different remote-execution back door I don't remember and don't
see in a quick look at uuxqt.c?
Norman Wilson
Toronto ON
More information about the TUHS
mailing list