In message <13901(_dot_)958019788(_at_)nma(_dot_)com>, Einar Stefferud writes:
> The first of these "worm/virus/addressbookmailers" was the IBM PROFS
> "Christmas Card" caper that occurred some time in the early 1990's,
> long before MS willfully adopted the design.

It was in December, 1987.

> Seems to me that this beloved "feature" (giving root privs to random
> EMail messages) should (by now) now be fully discredited, and should
> be destined for extinction, if only the customers will accept its
> disappearance in trade for an absence of a continuing flood of these
> $6,000,000,000 economic loss episodes.

See http://catless.ncl.ac.uk/Risks/5.80.html#subj1 for details on how
it worked -- but it didn't involve any analog to 'root' privileges.

When the recipient got a copy, there was an included (or attached; I
don't quite remember) REXX file. (REXX was a scripting language for
VM/CMS.) The message told you that it would display a Christmas card if
you ran it; most users did just that, since the note appeared to come
from someone they knew. And then the file replicated itself; you all
know the rest.

Note the two crucial points -- it ran with the user's permissions, and
it was explicitly run by the user, rather than by any automatic
mechanism.
--Steve Bellovin