vlcek@mit-caf.MIT.EDU (Jim Vlcek) (08/29/89)
People talking about ways of reprogramming someone else's terminal function keys: ``/tmp/PLEASE-README, and wait for someone with the right terminal (and capabilities) to cat it. And that isn't a security hole in cat...'' ``Anyone who uses "cat" to display unknown file contents on his fancy terminal deserves whatever he gets. However, in the case of "finger", there is no alternate method available (assuming remote system use). Therefore "finger" ought to better support its intended use.'' A friend of mine here at MIT was able to reprogram our terminal's setup configs by including escape sequences in the ``subject'' field of email messages. He limited his merriment to changing the name that the terminal displayed on its topmost line, but he could have done much worse. There's got to be a million such holes in each and every flavor of Unix one might work under. Closing known ones, like ``finger,'' is certainly a good idea, but the best idea would be to redesign terminals to greatly restrict attempts to reconfigure them over their serial link. In a previous message, Doug Gwyn mentioned that some terminals allow certain escape sequences to trigger actual input from the terminal. Good God in Heaven! What on Earth would you want to do that for?! Jim Vlcek (vlcek@caf.mit.edu uunet!mit-caf!vlcek)
guy@auspex.auspex.com (Guy Harris) (08/30/89)
>There's got to be a million such holes in each and every flavor of >Unix one might work under. Closing known ones, like ``finger,'' is >certainly a good idea, but the best idea would be to redesign >terminals to greatly restrict attempts to reconfigure them over their >serial link. Redesigning said terminals isn't sufficient, as long as a significant number of them exist out there. It is, at best, part of the solution; it is not *the* solution.