BSD tty security, part 3: How to Fix It
The Laughing Prophet
seebs at thor.acc.stolaf.edu
Wed May 22 17:07:22 AEST 1991
In article <1991May9.145536.20002 at odin.diku.dk> bombman at diku.dk (Hans-Henrik St{rfeldt) writes:
>Another problem pops up, using write with X-windows, it is possible to hide
>yourself entirely, from the person you write to. This is done by making a
>'non-login-shell' from your mail session (xterm). Then you can write to other
>users, who gets following message:
>Message from ???@freja on ttyp7 at 10:24 ...
>typed message here....
>EOF
Hmm... I know a way, on most unix systems, to duplicate this wrt a
normal user (i.e., someone who doesn't quite have the background to
use 'ps' instinctively)...
write <foo>
<type message here>
<*type* "EOF">
^Z out of the job and wait. About 5 minutes later, they will have forgotten
about you. Then, fg the job, and:
^V^GMessage from root at gopher.rodent.generic.com on ttyl4 at 16:32 ...
>type message here<
EOF
and repeat as often as desired. Most people will be fooled by this
one...
And I have *no* idea how to stop it in any reasonable way.
>--Hans Henrik Staerfeldt
>ps. I am a user, not a sysop
Hmm. I sort of run a NeXT, but really I'm just a user. I want to be
a sysop some day, though...
> // .|{}| Bombman at freja.diku.dk |
>/-| |__| Hans Henrik Staerfeldt |
--SeebS--
--
Peter Seebach - The Laughing Prophet | | Anonymous Posting Here!
I don't speak for St. Olaf, St. Olaf | | seebs at acc.stolaf.edu
doesn't speak for me, and Marcel Marceau | | "Forgive them Father, for they
speaks for no one. | | do not get the joke..."
More information about the Comp.unix.wizards
mailing list