wtm@neoucom.UUCP (Bill Mayhew) (11/29/87)
I just wanted to say thanks to all who responded with suggestions for correcting the sucurity gap with the mail icon. Fortunately, nobody except for myself is likely to gain access to the machine in question. I called the AT&T hotline, and they did acknowledge that they know about the risks associates with smgr. Alas, they didn't suggest a fix. The net-supplied fix looks good to me, but I haven't had a chance to implement yet. The AT&T hotline people could not explain the random crashes that I've had. I keep a close check on uucp's admin files and never allow them to get over 100K or so (I still have 60% free on my disk anyway). I've had the problem one time after disabling the extra console getty. The last time I experienced a freeze-up was after another system uucp'ed about 100K of stuff to my uucppublic directory. I login: right to full screen Unix without ua. The only thing other than the mgrs was phdaemon. I don't think I ran out of windows. Of course, the hotline people blamed phdaemon. We discussed the code on the phone, and neither they nor I saw anything suspicious in it. They said they'd retrieve phdaemon from the net and look at it. So far, they have been careful to avoid suggesting a motherboard problem. By the way, phdaemon was posted a while back; it is a daemon program that monitors ph1 every 15 seconds, and prints the user or machine using ph1 in a small window next to the "DATA 2:" at the top of the screen. --Bill