From: Douglas McIlroy <douglas.mcilroy@dartmouth.edu>
To: TUHS main list <tuhs@tuhs.org>
Subject: [TUHS] Re: Cool talk on Unix and Sendmail history, by Eric Allman
Date: Sun, 30 Jul 2023 13:33:00 -0400 [thread overview]
Message-ID: <CAKH6PiX8fe89=0TBa4_Vk0x8Sf1g+AydPNpUA2CHA6E_LRmB8A@mail.gmail.com> (raw)
"Lessons learned" overlooked the Morris worm, which exploited not only
the unpardonable gets interface, but also the unpardonable back door
that Allman built into sendmail.
This reminds me of how I agonized over Mike Lesk's refusal to remove
remote execution from uucp. (Like Eric, Mike created the feature to
help fix the myriad trouble reports these communication facilities
stimulated.) It seemed irresponsible to distribute v7 with the feature
present, yet the rest of uucp provided an almost indispensable
service. The fig leaf for allowing uucp in the distribution was that
remote execution was described in the manual. If you didn't like it
you could delete or fix uucp. (Sendmail's Trojan horse was
undocumented, though visible in the code.)
Doug
next reply other threads:[~2023-07-30 17:33 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-07-30 17:33 Douglas McIlroy [this message]
-- strict thread matches above, loose matches on Subject: below --
2023-07-30 18:22 Norman Wilson
2023-07-30 21:43 ` Rob Pike
2023-07-30 23:34 ` George Michaelson
2023-07-30 23:59 ` Erik E. Fair
2023-07-31 0:26 ` Warner Losh
2023-07-31 22:57 ` Grant Taylor via TUHS
2023-07-31 23:05 ` Warner Losh
2023-08-01 2:45 ` Grant Taylor via TUHS
2023-08-01 1:51 ` Niklas Karlsson
2023-08-01 2:47 ` Grant Taylor via TUHS
2023-08-01 3:20 ` Theodore Ts'o
2023-07-31 0:41 ` segaloco via TUHS
2023-08-01 9:22 ` Marc Donner
2023-08-01 10:58 ` Erik E. Fair
2023-08-02 0:37 ` Dave Horsfall
2023-08-02 14:52 ` Ron Natalie
2023-08-02 21:14 ` Grant Taylor via TUHS
2023-08-02 22:20 ` segaloco via TUHS
2023-08-02 22:37 ` Warner Losh
2023-08-02 23:49 ` Rich Salz
2023-08-02 23:33 ` Dave Horsfall
2023-07-21 18:53 [TUHS] " Rich Morin
2023-07-21 22:14 ` [TUHS] " Grant Taylor via TUHS
2023-07-21 22:30 ` Larry McVoy
2023-07-21 22:33 ` Grant Taylor via TUHS
2023-07-21 22:39 ` Larry McVoy
2023-07-21 23:39 ` Steve Nickolas
2023-07-22 4:37 ` John Cowan
2023-07-22 1:48 ` segaloco via TUHS
2023-07-22 1:55 ` Jon Forrest
2023-07-22 6:45 ` Lars Brinkhoff
2023-07-22 14:54 ` Rich Salz
2023-07-22 15:24 ` Warner Losh
2023-07-22 16:12 ` Arrigo Triulzi via TUHS
2023-07-22 20:52 ` Dave Horsfall
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAKH6PiX8fe89=0TBa4_Vk0x8Sf1g+AydPNpUA2CHA6E_LRmB8A@mail.gmail.com' \
--to=douglas.mcilroy@dartmouth.edu \
--cc=tuhs@tuhs.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).