dente@els.ee.man.ac.uk (Colin Dente) (07/19/90)
Well - once again the bringer of bad news (actually - this has been hinted at before). SR10.2 has a MASSIVE security hole. In fact, that description doesn't do justice to the scale of it. Anyone running 10.2 should 'phone their friendly local HP response centre and ask for advice concerning the security problem addressed by APR Nr. 455ECD30. That's all I'm prepared to say on the matter - and I fear that this might possibly be too much, but I think that this problem is too serious to rely on the old security by obscurity rubbish. Pre SR10.2 users can simulate the effects of this security hole quite simply by writing their root password in large, luminous letters across the front of their machines (no 8-) - not even a little one!.) Woefully yours, Colin -- Colin Dente | JANET: dente@uk.ac.man.ee.els Dept. of Electrical Engineering | ARPA: dente@els.ee.man.ac.uk University of Manchester, UK | UUCP: ...!ukc!man.ee.els!dente ... I am the one you warned me of ...