Brock Tellier wrote: > Any user may overwrite any file with group auth (i.e. /etc/shadow, [sad tale which does not require repeating] Brock, I would like to publically thank you for the auditing you are doing. And, I suppose, hang my head in shame at the problems you're finding in the process. You are being heard. Various people and groups at SCO are scrambling to fix what's been mentioned. Your discoveries are also prompting various proactive security audit efforts. I'm not in a position to make any promises about results. I do know that we have good intentions and will try to deliver on them as well as we can... Not an official SCO representative -- >Bela<
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:07:12 PDT