Slaying Gould dragon with a wooden horse

Bob Page page at ulowell.UUCP
Sun Nov 2 03:34:10 AEST 1986


wcs at ho95e.UUCP (Bill Stewart) wrote in article <1056 at ho95e.UUCP>:
> ... Most CRTs have a block=transfer mode that can be exploited
> by a letter-bomb.

Anybody who reads mail as root deserves to get a letter bomb!

You should forward root's mail to non-priv'd accounts, and keep
`mesg n' and `biff n' (a Berkeleyism) so people/daemons can't write
to root's terminal.  You can hack su(1) to do this for you, including
catching the suspend/wakeup signals to restore biff/mesg as you
bounce in and out of `su' state.

Harder to deal with: If you log in as root on the console and somebody
sends a message via syslog(3).  Anybody found a resonable defense against
this, other than ``don't use block-mode terminals for consoles'' (an
academic question, we don't anyway) or ``don't log in to the console''?

..Bob
-- 
UUCP: wanginst!ulowell!page	Bob Page, U of Lowell CS Dept
VOX:  +1 617 452 5000 x2976	Lowell MA 01854 USA



More information about the Comp.unix.wizards mailing list