tullis@uiucdcsm.UUCP (02/25/87)
Here at the U. of I., the local student chapter of the Association for Computing Machinery has accepted a challenge to attempt to break into Gould's new `secure' UNIX OS. Would you wizards out there please send me (Chairman of local ACM) some detailed possible attacks on holes in UNIX OS's? I will pass the info on to our attack team, and to no one else (as I am also manager of an academic facility machine, I have a vested interest in maintaining such info secure). Only attacks on system software will be considered acceptable. Bribing a sys op would probably work but is not acceptable for the purposes of the attack; neither are methods such as loading the system down until it crashes. Please mail me the info rather than posting it. John Tullis ARPA: tullis@a.cs.uiuc.edu University of Illinois CSNET: tullis@a.cs.uiuc.edu at Urbana-Champaign UUCP: {ihnp4, pur-ee, convex}!uiucdcs!tullis
preece@ccvaxa.UUCP (02/25/87)
tullis@uiucdcsm.cs.uiuc.edu:
> neither are methods such as loading the system down until it crashes.
----------
This would be acceptable if it had some interesting side effect that
got you special access or if it could be used to otherwise compromise
security; it just wouldn't be very interesting if the only effect you
were able to accomplish were temporary denial of service.
[I should note that I'm not involved in organizing the struggle and
I don't know what kind of rules were set up for it; I would, however,
be personally intersted if overloading the system compromised
it.]
--
scott preece
gould/csd - urbana
uucp: ihnp4!uiucdcs!ccvaxa!preece
arpa: preece@gswd-vms