Security and Smart Terminals
utzoo!decvax!watmath!dmmartindale
utzoo!decvax!watmath!dmmartindale
Fri Mar 5 10:26:33 AEST 1982
Just "mesg n" is not necessarily sufficient to prevent people from
exploiting smart terminals, at least on 4BSD - If you've done a 'biff y'
you get the initial part of a mail message displayed on your terminal
by comsat, regardless of whether there is general write on it. To be
absolutely sure that you can't have this happen to you, you'd have to
avoid reading your mail or reading any other user's files while in su,
just in case someone sends you a letter bomb, or leaves a file lying around
in the hope you will read it sometime. Admittedly, it's a lot harder
to do it undetected using the latter methods.
More information about the Comp.unix.wizards
mailing list