Hi ALL,
I the last couple of days I have been working on closing all security
holes that exist on our system. We have found a problem with the "RM"
command. We have found that users can remove files owned by root from there
personal directories. The user simply answer "yes" to the override the
"700" rights to the file.
We have a DEC 1000 running DEC Unix 4.0b. If any one has a fix please
email me, this is urgent.
Scott Johnson
scott_at_dsuper.net
Received on Sat Apr 12 1997 - 01:38:24 NZST