Slaying Gould dragon with a wooden
Henry Spencer
henry at utzoo.UUCP
Sat Nov 8 06:24:35 AEST 1986
> Maybe I'm missing something obvious, but why are block-mode
> terminals a security problem?
Any terminal which can be caused, remotely, to send part of what's on its
screen is a security problem on a normal Unix. Just write something out
to the screen and then send the send-screen sequence, and the characters
come in just as if the user had typed them. Do it when somebody is
signed in as root on such a terminal, and you've got superuser powers.
The only fixes are to either (a) avoid such terminals, or (b) carefully
control what other people can write to your terminal. The latter is
harder than it looks, because the bad guy can always put the interesting
sequences in mail messages ("letterbombs") or in files rather than sending
them directly.
Remotely-programmable function keys can also cause trouble this way. If
their contents can be read back remotely, the same technique works. If
there is no read-back, you have to choose a key that the user will hit
in the course of normal use.
--
Henry Spencer @ U of Toronto Zoology
{allegra,ihnp4,decvax,pyramid}!utzoo!henry
More information about the Comp.unix
mailing list