[183] in Zephyr_Comments
big security hole in zephyr, esp. xsetroot
daemon@ATHENA.MIT.EDU (Joe Harrington)
Fri Mar 24 16:56:49 1989
Date: Fri, 24 Mar 89 16:41:39 EST
From: Joe Harrington <jh@ATHENA.MIT.EDU>
To: rfrench@ATHENA.MIT.EDU
Cc: pikans@ATHENA.MIT.EDU, sipb@ATHENA.MIT.EDU, watch@ATHENA.MIT.EDU,
In-Reply-To: "Robert S. French"'s message of Fri, 24 Mar 89 15:10:18 EST <8903242010.AA08477@PORTNOY.MIT.EDU>
Cc: jh@ATHENA.MIT.EDU
Reply-To: jh@ATHENA.MIT.EDU
I was not implying that this is a bug -- it is, however, something
that a LOT of people have in their .zephyr.desc's, and something
consultants have been telling people how to do. I would recommend
that Athena put a note about the security danger wherever the exec
item is documented.
--jh--
