by redmail.netbsd.org with SMTP; 3 Nov 1999 17:14:14 -0000
  (SMTPD32-5.05) id AE1DF40D0154; Wed, 03 Nov 1999 12:17:17 -0500
	by tome.neutralgood.org (8.8.8/8.8.8) id MAA18612
	for tech-security@netbsd.org; Wed, 3 Nov 1999 12:13:26 -0500 (EST)
Date: Wed, 3 Nov 1999 12:13:26 -0500
From: "Kevin P. Neal" <kpneal@pobox.com>
To: tech-security@netbsd.org
Subject: Re:  evil? sshd patch
Message-ID: <19991103121326.A18372@tome.neutralgood.org>
References: <199911031352.IAA14915@Twig.Rodents.Montreal.QC.CA>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
In-Reply-To: <199911031352.IAA14915@Twig.Rodents.Montreal.QC.CA>; from der Mouse on Wed, Nov 03, 1999 at 08:52:38AM -0500

On Wed, Nov 03, 1999 at 08:52:38AM -0500, der Mouse wrote:
> This is a gaping security hole waiting to happen to some site whose
> local super-user is named something other than root.  (I'd expect you,
> as someone in Oz-land, would be aware of this possibility.... :-)

I know a guy who does just this. His 'root' account is named after
cartoon characters.
-- 
Kevin P. Neal                                http://www.pobox.com/~kpn/

My end of the semester blues (March 22, 1999 9:23pm):
          "I'M GOING TO DIE! ..... This calls for pretzels!"