neufeld@menno.bethelks.edu (Keith Neufeld) (02/21/91)
I administrate the computer for a mental health care center. I almost have my supervisor convinced to register and get a public uucp connection, but she still hesitates. I would sincerely appreciate notes of encouragement from individuals at other security-/confidentiality-conscious institutions (particularly those in the field of health care) that I could give to her to back up my assurances that such a connection would not be hazardous to us. I would also welcome descriptions of how a net connection has been beneficial to the institution in general in such applications. Thank you for your assistance. Please email to the address below. -- kn neufeld@menno.bethelks.edu
peter@ficc.ferranti.com (Peter da Silva) (03/05/91)
UUCP *isn't* secure, in general. The latest version of HDB on System V.3.2 seems pretty robust, but (for example) I've gotten arbitrary commands executed on a V.2 system by appropriate shenanigans with the commands I've sent it. I'm posting this rather than emailing, because I think this is something that people need to be aware of. Some versions of UUCP are pretty solid. Some have holes you can drive a 747 through. Unless you let us know what your system is there's no way of saying if you're safe or not. -- Peter da Silva. `-_-' peter@ferranti.com +1 713 274 5180. 'U` "Have you hugged your wolf today?"