[182] in Zephyr_Comments
Re: big security hole in zephyr, esp. xsetroot
daemon@ATHENA.MIT.EDU (Robert S. French)
Fri Mar 24 15:21:31 1989
Date: Fri, 24 Mar 89 15:10:18 EST
From: "Robert S. French" <rfrench@ATHENA.MIT.EDU>
To: jh@ATHENA.MIT.EDU
Cc: pikans@ATHENA.MIT.EDU, sipb@ATHENA.MIT.EDU, watch@ATHENA.MIT.EDU,
In-Reply-To: Joe Harrington's message of Fri, 24 Mar 89 14:43:19 EST
Just for the record, this is _not_ a bug in Zephyr. The XSETROOT
stuff is _not_ included in the default zephyr.desc. This should be a
very good example of why it is a _bad_ idea to include random exec's
in your zephyr.desc file...
Rob
