aburt@isis.UUCP (02/27/87)
Greetings Unix security fans!
I have taken over administration of the Unix Security Mailing List
from Lyle McElhaney and am officially announcing its rebirth.
[Lyle was swamped with work, and in the end left the company he was with.
He hadn't had time to do anything with the list for about a year now.
I'm Andrew Burt, prof. at the University of Denver, math/CS dept.]
He handed me all the stuff, including a years worth of queued up requests
to join. Rather than process the volumes of old requests when many people
may have moved, etc., I am going to toss the old requests so we can start
fresh. (Note: Old MEMBERS of the list will remain on the list -- this
paragraph only applies to people who REQUESTED to join during the past year.)
I am disturbed by the fact that all the mail Lyle received over
the past year were requests to join -- that is, there were no articles
submitted. If I only receive applications to join over the next few
months and no articles, I will announce that the list is dead (or at
least dormant). So c'mon folks, this ought to be a hot topic! Let's
get some submissions!
To make membership requests easier for you (and me of course) please
follow the following directions and use the following form to apply.
1. Who can join.
Because of the sensitive nature of the USML -- consisting largely
of discussions of security holes in existing Unix systems -- not
anyone can join.
You must either (a) be a root user of an "acceptable" system or (b)
have the permission of all root users of the systems between your
system and the nearest "acceptable" system (along the path from
your system to mine).
"Acceptable" means the system is operated by a commercial, governmental,
or educational institution. Examples of systems that are not
acceptable are bulletin board systems; home machines; or student
operated workstations.
The authority of approving/denying requests is vested in the
mailing list administrator.
2. How to join.
Fill out the following form and mail it to me FROM THE ROOT
LOGIN of your machine. If you don't mail it as root I will merely
send you another form and request that you do so, so don't waste your
time.
I will notify you of your status, either "accepted" or "under
investigation". In the latter case I will send background request
forms to the root users of the systems along the path from your
system to the nearest acceptable system. When all the reports
come in positive, you will be notified of your acceptance. (If
a negative report arrives you will be notified of your denial.
The final case is if not all the root users respond, but the ones
who do are in the affirmative: In this case it is up to YOU to
nudge them into replying.)
========================= Delete this line and above ======================
Your name: ____________________ Organization: ____________________
Title: ____________________
YOUR e-mail address (not root): ____________________
E-mail address to send MAILING LIST to
(e.g., might be a distribution alias): ____________________
Comments:
========================= Delete this line and below ======================
Send to "...{seismo, hplabs}!hao!isis!sec-request".
3. Archives, misc. matters.
If you are interested in obtaining archives of the old material,
or have other questions/comments, please send such to:
...!{seismo, hplabs}!hao!isis!sec-request
The archives are approximately 250K (150K compressed). I am
willing to set up temporary uucp connections for this -- at your
expense. (Isis is located in Denver, Colorado.) When you send
a request for archives please specify whether you can accept
data compressed with "compress" (with -b12 set for small memory
machines).
4. Submissions.
If you have some of the aforementioned hot topics to discuss --
send them to:
...!{seismo, hplabs}!hao!isis!security
When there is enough material to warrant a publication I will
publish.
--
Andrew Burt isis!aburt / aburt@isis.cs.du.edu
Fight Denver's pollution: Don't Breathe and Drive.