mjb@acd4.UUCP ( Mike Bryan ) (09/09/89)
Hmmm. The latest issue of "UNIX Today!" (September 4, 1989) has an article regarding a West Germany computer espionage ring. Within the article, the following text appeared ("Stoll" is one of the guys involved in monitoring the breakins): "We captured all of his keystrokes on a printer and saw how he used a subtle bug in the GNU-Emacs text editor to obtain system manager privileges," Stoll wrote in a report for the Communications of the ACM. Ok, does anyone know the details of this "subtle bug"? Has it been fixed in a recent release? Also, does anyone know which issue of the CACM contains the original report? Apologies if this has been discussed here before, but I've just started reading this group. -- Mike Bryan, Applied Computing Devices, 100 N Campus Dr, Terre Haute IN 47802 Phone: 812/232-6051 FAX: 812/231-5280 Home: 812/232-0815 UUCP: uunet!acd4!mjb ARPA: acd4!mjb@uunet.uu.net "Did you make mankind after we made you?" --- XTC, "Dear God"
rms@AI.MIT.EDU (09/09/89)
There never was a bug in Emacs. Someone at Stoll's site installed movemail with setuid to root, something that movemail was not (at that time) designed to handle. (It is now.)