SECURITY BUG IN INTERACTIVE UNIX SYSV386
Conor P. Cahill
cpcahil at virtech.uucp
Fri Feb 22 01:13:49 AEST 1991
jca at pnet01.cts.com (John C. Archambeau) writes:
>Now this is getting to be a bloody sick joke. I find it a little bit
>difficult to believe that there just isn't a simple binary patch for os.o much
>along the same lines as the inode patch that has been floating around for
Think about this. The problem is that a certain area of the user structure
needs to be writable while the rest is read-only. This will probably require
shifting the elements of the structure around, or at least changing the offsets
so that the writable portion ends up on its own page.
This kind of change will require a recompile of every module that accesses
the user structure plus some additional changes in the setup code that places
the user structure at virtual address 0xE...
This is definitely a much larger change than that required for the inode
bug fix.
>This is going about as well as a SCUD missile attack. Maybe we should get Joe
>Isuzu to head ISC tech support. At least then we know that we're getting the
>shaft and ISC is getting the gold mine.
Yes ISC made a big mistake in letting this bug go. HOWEVER, they are trying
to get a fix out as soon as they can. This is not a small change and if they
were to send it out and it introduced an additional problem you would all
be screaming louder. The change has to be made, the new kernel has to be
tested and they will have to test the program level also, to make sure that
no problems were introduced there.
Once that is completed they have to put the patch together, get the disks
duplicated, and send them out.
This will take time. I too thought posting the fix would be appropriate, but
if there is a licensing agreement that stands in the way, there is nothing that
ISC can do about it.
>I want the patch in my hot little hands before the customer goes out and buys
>ISC. Such security holes are intolerable.
Yes we all agree on this, even ISC.
--
Conor P. Cahill (703)430-9247 Virtual Technologies, Inc.
uunet!virtech!cpcahil 46030 Manekin Plaza, Suite 160
Sterling, VA 22170
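
The layout constraint described in the reply above, sketched as an added example (not part of the original post and not ISC's code): memory protection applies per page, so a writable area that shares a page with protected fields cannot be opened up on its own, and moving it to its own page shifts other field offsets. The field names, the 4096-byte page size and the page-aligned start of the structure are assumptions for illustration.

```c
#include <stddef.h>
#include <stdio.h>

#define PAGE 4096u /* assumed i386 page size; protection is per page */

/* Hypothetical fields, not the real ISC user structure. Both layouts are
 * assumed to start on a page boundary. */
struct u_mixed {               /* writable area sits between protected fields */
    unsigned short ro_a;       /* must be read-only to user mode */
    char rw_area[64];          /* must stay user-writable */
    unsigned short ro_b;       /* must be read-only to user mode */
};

struct u_split {               /* writable area moved to its own page */
    unsigned short ro_a;
    unsigned short ro_b;
    _Alignas(4096) char rw_area[64];
};

/* 1 if byte ranges [a, a+alen) and [b, b+blen) touch a common page. */
static int shares_page(size_t a, size_t alen, size_t b, size_t blen)
{
    return a / PAGE <= (b + blen - 1) / PAGE &&
           b / PAGE <= (a + alen - 1) / PAGE;
}

/* 1 if making rw_area writable also makes ro_a or ro_b writable. */
#define EXPOSES(T) \
    (shares_page(offsetof(T, rw_area), 64, offsetof(T, ro_a), sizeof(unsigned short)) || \
     shares_page(offsetof(T, rw_area), 64, offsetof(T, ro_b), sizeof(unsigned short)))

int mixed_exposes_ro(void) { return EXPOSES(struct u_mixed); }
int split_exposes_ro(void) { return EXPOSES(struct u_split); }

/* How far ro_b moved: modules compiled against the old offset are stale. */
long ro_b_offset_shift(void)
{
    return (long)offsetof(struct u_split, ro_b) - (long)offsetof(struct u_mixed, ro_b);
}

int main(void)
{
    printf("mixed layout exposes read-only fields: %d\n", mixed_exposes_ro());
    printf("split layout exposes read-only fields: %d\n", split_exposes_ro());
    printf("ro_b moved by %ld bytes; rw_area now at offset %zu\n",
           ro_b_offset_shift(), offsetof(struct u_split, rw_area));
    return 0;
}
```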