[net.unix-wizards] Unix security: terminals

astro@princeton.UUCP (06/19/83)

	As has been mentioned before on the net, many terminals are vulnerable
to escape sequences sent from someone other than the person logged onto the
terminal.  These range from "letter bombs" of various kinds that put the
terminal into strange modes to the more scary ones where someone takes control
by having your terminal send what is on the screen back to the computer which
interprets it as a command (I think I can mention that here because a short
while ago someone else did).
	I have had for a while an idea for a fix that I would now like to share.
It is a bit draconian because several things would have to be changed.  First
of all `write' (and any other program that allows writing to someone else's
terminal) should filter out control characters except the usual linefeeds,
carriage returns and tabs.  This should be done anyway, whether or not any of
these other things are done.  Next, general write permission should be turned
off on terminals.  `mesg' would then toggle the world and group Execute
permission bit on the terminal rather than the write permission, as the
execute permission bit is currently unused.  `write' and its cohorts would
then be made setuid-to-root and would check for execution permission on the
target terminals.  `write' should, of course, do a setuid(getuid()) on its
shell exec.
	With this scheme one is still vulnerable to Trojan Horses (escape
sequences in the files one reads, or in one's mail) but, at least, you will
not be bothered by escape sequences sent directly to your terminal.

			William L. Sebok
			Princeton Univ. Observatory (i.e. Astronomy Dept.)
			{allegra,mhb5b}!princeton!astrovax!wls (preferred)
			or {allegra,mhb5b}!princeton!astro
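
The two checks proposed above, sketched in C as an added example that is not part of the original post or of any real `write' source. The function names are hypothetical; dropping bytes with the high bit set and requiring both the group and world execute bits are assumptions of this sketch.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>

/* Keep printable 7-bit ASCII plus the three characters the post allows
 * (linefeed, carriage return, tab).  ESC, BEL, DEL and all bytes >= 0x80
 * are dropped; the last is this example's choice, because 8-bit terminals
 * treat 0x80-0x9F as control codes (0x9B is CSI).
 * out must hold n bytes.  Returns the number of bytes kept. */
size_t filter_message(const unsigned char *in, size_t n, unsigned char *out)
{
    size_t i, kept = 0;
    for (i = 0; i < n; i++) {
        unsigned char c = in[i];
        if ((c >= 0x20 && c <= 0x7e) || c == '\n' || c == '\r' || c == '\t')
            out[kept++] = c;
    }
    return kept;
}

/* Under the proposed scheme `mesg y' sets the group and world execute bits.
 * Assumption: both must be set for the terminal to count as accepting. */
int tty_accepts_messages(mode_t mode)
{
    mode_t want = S_IXGRP | S_IXOTH;
    return (mode & want) == want;
}

/* Check the already-opened terminal rather than its path, so the file that
 * was checked is the file that gets written.  Anything that cannot be
 * stat'ed or is not a character device is refused. */
int may_write_fd(int fd)
{
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISCHR(st.st_mode))
        return 0;
    return tty_accepts_messages(st.st_mode);
}

int main(void)
{
    /* Constructed sample: ESC [ 2 J (clear screen) and BEL around text. */
    const unsigned char msg[] = "\033[2Jhello\a\tworld\r\n";
    unsigned char clean[sizeof msg];
    size_t n = filter_message(msg, sizeof msg - 1, clean);
    fwrite(clean, 1, n, stdout);   /* ESC and BEL are gone; "[2J" is inert text */
    return 0;
}
```

With the ESC byte removed, the rest of the sequence reaches the terminal as ordinary printable text, which is what makes the filter sufficient without parsing escape sequences.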