[TUHS] "Webster's Second on the Head of a Pin"?
Rik Farrow
rik at rikfarrow.com
Thu Jan 2 04:11:13 AEST 2025
I wonder what Reeds meant. I know there are issues. For example, the 3B2 I
administered for a while in the late 80s had multiple accounts with rsh,
the restricted shell, as the login shell. That was okay, unless you used su
and then had access to a root shell.
HP/UX was way worse, with over 120 SUID shell scripts in the 90s. A much
more interesting example of insecurity. But somehow, I'm guessing that's
not what Reeds wrote about.
Rik
On Wed, Jan 1, 2025 at 8:02 AM Douglas McIlroy <
douglas.mcilroy at dartmouth.edu> wrote:
> I have it and will try to scan it in the next few days. Bug me if it
> doesn't appear.
>
> Doug
>
> On Tue, Dec 31, 2024 at 11:37 AM Chet Ramey <chet.ramey at case.edu> wrote:
> >
> > On 12/29/24 8:44 AM, Douglas McIlroy wrote:
> > > I can supply a copy if no one else has beaten me to it.
> > >
> > > Ron Hardin subsequently pushed the limit even further. Unfortunately,
> > > I do not have a record of that work.
> >
> > Along these same lines, does anyone on the list have a copy of
> >
> > "J. A. Reeds, /bin/sh: The biggest UNIX security Loophole,
> > 11217-840302-04TM, AT&T Bell Laboratories, Murray Hill, NJ (1984)"?
> >
> > Years ago, in another lifetime, I wrote and asked him for a copy, but
> > never got a reply.
> >
> > --
> > ``The lyf so short, the craft so long to lerne.'' - Chaucer
> > ``Ars longa, vita brevis'' - Hippocrates
> > Chet Ramey, UTech, CWRU chet at case.edu
> http://tiswww.cwru.edu/~chet/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.tuhs.org/pipermail/tuhs/attachments/20250101/f3aee2b2/attachment.htm>
More information about the TUHS
mailing list