BSD tty security, part 4: What You Can Look Forward To
Matthew T. Russotto
russotto at eng.umd.edu
Wed May 1 08:02:59 AEST 1991
In article <1991Apr29.222139.21284 at pcserver2.naitc.com> kdenning at pcserver2.naitc.com (Karl Denninger) writes:
>
>I have to agree.
>
>I am in charge of Internet and external security here. There is another
>group which is in charge of internal security.
>
>Both of us, I'm sure, would like to have some FACTS on this stuff. TIOCSTI
>is well known as a problem, but I thought that was supposed to be restricted
>to use by root (unless it's your control terminal....).

The trick is to grab control of the next unused terminal. Then, the next
sucker to log in is vulnerable. It works.

>I think I just heard you say that was all malarkey, that anyone could
>TIOCSTI my root session while logged in over a pty, and that you could
>exploit those items to gain control of my session.
>
>From the manual pages, I believe it shouldn't work.

It worked on certain Ultrix revisions-- can't say anything about any other
systems.
--
Matthew T. Russotto russotto at eng.umd.edu russotto at wam.umd.edu
.sig under construction, like the rest of this campus.