[5346] in Athena Bugs
quota
daemon@ATHENA.MIT.EDU (Jonathan I. Kamens)
Thu Jun 28 18:21:51 1990
Date: Thu, 28 Jun 90 18:21:34 -0400
From: "Jonathan I. Kamens" <jik@pit-manager.MIT.EDU>
To: kevles@ATHENA.MIT.EDU
Cc: bugs@ATHENA.MIT.EDU
In-Reply-To: bugs[5339]
From: kevles@ATHENA.MIT.EDU
Date: Thu, 28 Jun 90 08:53:41 -0400
Actually, I had attached the user's home directory. I was able to get his
quota by using quota.ucb. I apologize for leaving that information out of
my initial bug report.
I don't see how this is relevant; it just means that the quota server
in question is running old-version user quotas rather than new-version
grop quotas, because operations hasn't updated it to use group quotas
yet.
Old-version quotas aren't authenticated, so you were able to take
advantage of the quota security hole to get the quota. You won't be
able to do that when the fileservers are updated.
Jonathan Kamens
Project Athena Quality Assurance
