tty security problems under SunOS 4.1 and SunOS 4.1.1

[Dan Bernstein]

In article <16155 at smoke.brl.mil> gwyn at smoke.brl.mil (Doug Gwyn) writes:
> In article <25239:May1416:21:3591 at kramden.acf.nyu.edu> brnstnd at kramden.acf.nyu.edu (Dan Bernstein) writes:
> >In the long term: SunOS is still insecure, and a sufficiently dedicated
> >cracker can and will be able to get past tty security no matter how many
> >other holes you close. It is inexcusable for Sun to leave this open.
> Why?  Has Sun made any promises about absolute security of SunOS?
> For example, are they claiming B2 certification for it?

Well, they do have an option which, they claim, provides C2 security.
But I was thinking more on ethical grounds.

> I've always had the impression that UNIX was intended for resource
> sharing much more than for resource hiding, and that the security
> mechanisms were meant to prevent accidental problems, not dedicated
> attacks.

Perhaps you didn't notice the complaint just a few weeks back about how
somebody was getting output from someone else's background process under
SunOS 4.0. That sounds like a problem to me. And the commercial world
(not to mention universities) has to pay attention to dedicated attacks.

> I guarantee that there are other security problems on most versions
> of UNIX besides the one you've been carrying on about.  What makes
> that one problem so much more significant than the others?

The bugs I've pointed out are on practically every BSD-derived UNIX
system, meaning practically every UNIX machine on the Internet. The
smaller set of bugs pointed out by Bellovin are on AT&T-derived UNIX
systems too. Very few such dangerous holes have survived so long on so
many machines.

---Dan