Failure of iswind()

DoN Nichols dnichols at
Sat May 25 14:01:52 AEST 1991

In article <1991May24.203238.7990 at> jeffrey at (Jeffrey L Bromberger) writes:
>Just for fun, I tried the following command from my VAX to my
>ethernet'ted 3b1:
>% rsh notvax /usr/games/klondike
>Now, considering the fact that I'm not logged in on the console, this
>should fail.  This game, like many others, use iswind() to see if I'm
>on the bitmapped screen.  The logic should stop me if I'm not.
>But, it doesn't!  It overwrites the console display (without regard as
>to what or who is going on) with the game screen!

	Yep, happened to me when my wife called it up after reading news on
my system.

>Any idea why all these games (klondike/mahjongg/rocks/bugs) all have
>this behavior?  Is it only seen when using the ethernet package?  Does
>this happen if someone dials in via the OBM?  Is iswind() just plain

	Yes, it happens when logged in to a tty port.  I presume that it
could happen via the OBM as well.  Iswind() must be quite brain-damaged.  I
added code to my first copy of klondike to check if /dev/tty = w? to avoid
this, but that is a kluge.

>Isn't this some bizarre sort of security hole?!?

	At least a denial-of-service one.  Maybe we need to rewrite iswind().

	Kep Hoping
Donald Nichols (DoN.)		| Voice (Days):	(703) 664-1585
D&D Data			| Voice (Eves):	(703) 938-4564
Disclaimer: from here - None	| Email:     <dnichols at>
	--- Black Holes are where God is dividing by zero ---

More information about the Comp.sys.3b1 mailing list