astro@princeton.UUCP (06/19/83)
As has been mentioned before on the net, many terminals are vulnerable to escape sequences sent from someone other than the person logged onto the terminal. These range from "letter bombs" of various kinds that put the terminal into strange modes to the more scary ones where someone takes control by having your terminal send what is on the screen back to the computer, which interprets it as a command (I think I can mention that here because a short while ago someone else did).

I have had for a while an idea for a fix that I would now like to share. It is a bit draconian because several things would have to be changed.

First of all, `write' (and any other program that allows writing to someone else's terminal) should filter out control characters except the usual linefeeds, carriage returns and tabs. This should be done anyway, whether or not any of these other things are done.

Next, general write permission should be turned off on terminals. `mesg' would then toggle the world and group Execute permission bit on the terminal rather than the write permission, as the execute permission bit is currently unused. `write' and its cohorts would then be made setuid-to-root and would check for execution permission on the target terminals. `write' should, of course, do a setuid(getuid()) on its shell exec.

With this scheme one is still vulnerable to Trojan Horses (escape sequences in the files one reads, or in one's mail) but, at least, you will not be bothered by escape sequences sent directly to your terminal.

William L. Sebok
Princeton Univ. Observatory (i.e. Astronomy Dept.)
{allegra,mhb5b}!princeton!astrovax!wls (preferred)
or {allegra,mhb5b}!princeton!astro
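The two checks proposed in the post above, sketched in C as an added example that is not part of the original post and not code from any real `write' program. The function names, the '?' replacement character, the handling of bytes at or above 0x7f, and the rule that the terminal's owner always passes are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/stat.h>

/* Pass printable ASCII plus the linefeed, carriage return and tab the post
   allows. Bytes >= 0x7f are dropped too (assumption: an 8-bit terminal may
   treat some of them as control codes). */
static int is_allowed(unsigned char c)
{
    if (c == '\n' || c == '\r' || c == '\t')
        return 1;
    return c >= 0x20 && c < 0x7f;
}

/* Replace every disallowed byte in place with '?'; return how many. */
size_t sanitize_for_tty(char *buf, size_t len)
{
    size_t replaced = 0;
    for (size_t i = 0; i < len; i++) {
        if (!is_allowed((unsigned char)buf[i])) {
            buf[i] = '?';
            replaced++;
        }
    }
    return replaced;
}

/* Proposed mesg semantics: the group/world execute bits, not the write bits,
   say whether the terminal accepts messages. A setuid-root sender checks them
   against the caller's real uid/gid before opening the terminal. */
int sender_may_write(const struct stat *st, uid_t ruid, gid_t rgid)
{
    if (ruid == st->st_uid)
        return 1;                      /* assumption: owner always allowed */
    if (rgid == st->st_gid)
        return (st->st_mode & S_IXGRP) != 0;
    return (st->st_mode & S_IXOTH) != 0;
}

int main(void)
{
    char msg[] = "lunch?\r\n\033[2J\007";   /* constructed sample message */
    struct stat st;
    memset(&st, 0, sizeof st);              /* constructed terminal metadata */
    st.st_uid = 1000; st.st_gid = 5; st.st_mode = 0600;   /* mesg n */
    printf("mesg n: allowed=%d\n", sender_may_write(&st, 2000, 100));
    st.st_mode = 0611;                                    /* mesg y */
    printf("mesg y: allowed=%d\n", sender_may_write(&st, 2000, 100));
    printf("replaced %zu bytes\n", sanitize_for_tty(msg, strlen(msg)));
    return 0;
}
```

Because the terminal is no longer world-writable under this scheme, the permission check and the filter sit in the only program that can reach it, so the filter cannot be bypassed by opening the device directly.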