Unix systems have many special systems programs, called daemons, which
run continuously in the background, or upon request, to provide services such as
sending and receiving mail, remote file service, WEB service, FTP service, etc.
Daemons are important extensions to the basic facilities of the operating system, but
have proven to be a source of problems from a security point of view. For example,
the Internet worm, written by Robert Tappan Morris in November, 1988, exploited a
deficiency of the Unix sendmail
daemon to send executable copies of
itself from one machine to another on the Internet [Spaf 88,Spaf 89].
The program did not destroy
files on a machine or damage computer hardware, but it did contain a flaw which
caused it to recopy itself on a machine, consuming resources and disrupting
network services. Morris, the son of Robert H. Morris, who devised the Unix
password encryption schemes [Gram 84,Morr 79], was convicted of
violation of the Computer
Fraud and Abuse Act of 1986, 18 U.S.C. s 1030(A) (5)(A) (1988), appealed unsuccessfully
in 1991 and was sentenced to three years probation, 400 hours of community service,
a fine of $10,050.00 and the costs of his supervision. This Internet security
incident, focused attention on the vulnerability of Internet hosts to attacks.
While most of problems which were exploited by the worm have been fixed, the
threat still exists today, ten years later, that new problems will be found
in Unix daemons and other programs. As recently as July, 1998, new security
problems [Walk 98,Gard 98]
have been discovered with programs for sending and receiving e-mail.