Bugtraq mailing list archives
Re: UnixWare
From: perry () snark imsi com (Perry E. Metzger)
Date: Tue, 26 Apr 1994 07:40:51 -0400
Carl Corey says:
I am currently in the position of allowing public access to a 486 running UnixWare. Does anyone have a list of bugs that affect it? The system will be accessable via dialup _and_ tcp ... If anyone has information regarding what bugs it has, and what version they are fixed in (or patch IDs, etc) ... please e-mail me or post to the list. Thanks.
In general, its safer to plan a system to be as inherently secure as possible rather than trying to chase the bugs as they arise. If you eliminate suid programs, access to dangerous devices, and the capacity to leave programs around for you the administrator to execute (i.e. trojan horses), you've gone a long way towards making your system inherently secure. Almost all defects in the security of public access sites lie in one of these things, or in an obvious hole like bad file permissions. Perry
Current thread:
- Re: CERT Advisory - wuarchive ftpd Trojan Horse Alastair Young (Apr 06)
- Re: CERT Advisory - wuarchive ftpd Trojan Horse Bonfield James (Apr 11)
- <Possible follow-ups>
- Re: CERT Advisory - wuarchive ftpd Trojan Horse Pat Myrto (Apr 19)
- Re: IETF Dave Fetrow (Apr 19)
- Re: IETF Brad Passwaters (Apr 19)
- Summary of NFS Quest Responses Pat Myrto (Apr 20)
- UnixWare Carl Corey (Apr 25)
- Re: UnixWare Perry E. Metzger (Apr 26)
- Re: UnixWare Marc W. Mengel (Apr 26)
- Re: IETF Dave Fetrow (Apr 19)