WARNING: There is another system
azure!randals
in security the standard UUCP software in V7, 2BSD, and 4BSD.
I have successfully constructed a shell command file which will execute
ANY desired command(s) on ANY system running vanilla UUCP. What's more,
the command is executed as (not root, darn) the "uucp" login, thus
allowing access to the L.sys and USERFILEs, which in turn yields more system
names to "attack". The actual commands executed are also untraceable,
but if you look through the LOGFILE, you can at least tell that somebody
is doing something (but not what they do).
I do not know if this is the same bug found by Berkeley People
(anyone out there that knows what they did please confer with me),
but I will be glad to share my knowledge with any properly identified
system administrator.
I will send computer mail only to "root" of any system that requests
the information. My uucp address is:
...!ucbvax!teklabs!tekmdp!randals
or
...!decvax!teklabs!tekmdp!randals
(many other systems also know about us... check your local maps)
Randal L. Schwartz
Tektronix Microcomputer Development Products
Beaverton, Oregon
houxt!govern
My department does work that is proprietary. So far, we have not had any
*serious* losses from our system (one of the BTL computer center public use
machines), but we have several levels of paranoia that we can invoke if needed -
For example, moving to a non-uucp-equipped, private system with all the admin-
istrative headaches that that entails.
If any of you have an effective way of accessing my system, please cat the
following files:
/n1/govern/readthis/STEALTHIS1
/n1/govern/readthis/STEALTHIS2
****** oops: The above paths should be /t1/govern.....
/t1/govern/paranoid/STEALTHIS3
The files have increasing levels of protections (e.g. directory "paranoid"
has protections 0750).
The shortest uucp path to my machine is ucbvax!ihnss!houxt!govern,
or teklabs!cbosg!houxt!govern.
Many Thanks;
Bill Stewart Bell Labs, Freehold, N.J.
201-577-5122