vlcek@mit-caf.MIT.EDU (Jim Vlcek) (08/26/89)
On the security problem arising from programmable function keys being reprogrammed by output from programs like finger or cat, I think that the fault here lies with the too-trusting terminal, not with Unix terminal drivers. The normal operation mode of a terminal, it seems to me, should be to ignore attempts to reprogram it from its serial port, and to accept such attempts only when configured to do so. Such configuration, of course, would be a setup option. The ideal terminal would demand a password to reprogram any keys or configure the terminal to accept programming over the serial line. This would disallow coworkers from rebinding F10 from "logout<CR>" to "rm -rf .", or something similar, while you're out getting coffee. Jim Vlcek (vlcek@caf.mit.edu uunet!mit-caf!vlcek)
barmar@think.COM (Barry Margolin) (08/27/89)
In article <1815@cunixc.cc.columbia.edu> fuat@cunixc.cc.columbia.edu (Fuat C. Baran) writes: >Just out of curiosity, what unix applications make use of a terminal's >capability to rebind function keys and/or have it type back arbitrary >data on command? I don't know any specific Unix applications that do this (Unix applications tend not to rely on features not supported by most terminals), but I can certainly imagine generic applications that could use the ability. Someone else already mentioned programming function keys at login time. Another use would be to remap the keyboard completely, say to Dvorak style (yes, there *are* terminals that let you remap any key -- I believe the Ann Arbor Ambassador can do this). Editors and forms-filling programs might want to do this, too. Barry Margolin Thinking Machines Corp. barmar@think.com {uunet,harvard}!think!barmar