Presentation by Fred Mallett at ADUS Conference
October 2, 1990 San Diego, CA

This information will be put into the next relase of COPS-A.

1.    /etc/suid_exec runs scripts as root, used by ksh
      - delete it from directory
      - delete it from AA
      - fixed by incremental release tape for 10.1 and 10.2
      - fixed in 10.3

2. 10.1
      /etc/server -p may be suid to root
           if so, delete suid bit. This breaks it but it is broken in 10.1 period. This makes
           it at least harmless.

3. ACL's
      /etc and /sys/dm wide open

4. use k rights to protect files which must be in writable directories

5. `node_data is a major problem without a solution

6. 10.1 and 10.2 rbak
      - restore files with root ownership
      - protected subsystems can retain source ACL's

7. SR10
      root should not have . in search path. Or at least put it at the end of search path.

8. BSD project list
      /etc/group
      - you get combined rights of all groups to which you belong
      - take 'user' out of sysadmin group

9. SR9
      a) sid program (changes sid) delete it
      b) /usr/apollo/bin/xdmcr (xdmc remote) delete it
      c) subsystem login delete write rights

10. SR10.1 minst install closed/open was backwards
      SR11 defaults to closed ACL's

11. /etc/reboot and /etc/shutdown enable remote shutdown

12. SR10.2 audit system
13. change default password from -apollo-

14. misc
      /etc/edns

15. Watch network root ACLs and initial ACLs
      //