charlie@ureka.UUCP (charlie crassi) (10/23/88)
Subject: Bugs in my Maze Keywords: Amazing Maze I had a new user to ureka call me when his terminal got hung up. What I found I could not explain so I hope perhaps Lenny, John, or some other UNIX-PC jock can assist. Nobody was logged in at the console, and Duane had called in on his IBM PC clone running Procomm version ?? in the VT100 emulator mode. He called up the User Agent (bad no no) and selected Toybox. In Toybox he calledup Hic's Amazing Maze from THE STORE. At this point, his terminal locked up and Amazing Maze fired up on the Console with nobody logged in. However, it only painted the first 2 screens and stayed in the 3D Maze entrance accepting NO keyboard input. When I first saw it, I was Amazed (no pun intended). My questions are: 1) How did this get started up on w1 ? It was running with a uid of 0. 2) Why did it disable both terminals ? 3) I had installed this as install. All of the permissions looked normal. It has never happened before to my knowledge. Has any one ever had the same or similar experience ? Other games ran OK. If anyone has had the same type of thing happen, can you send me the particularson the incident ? -- charlie rutgers!rochester!kodak!ureka!charlie
jbm@uncle.UUCP (John B. Milton) (10/24/88)
In article <117@ureka.UUCP> charlie@ureka.UUCP (charlie crassi) writes: >Subject: Bugs in my Maze >Keywords: Amazing Maze > >I had a new user to ureka call me when his terminal got hung up. What I found >I could not explain so I hope perhaps Lenny, John, or some other UNIX-PC jock >can assist. Wow, I'm up to jock class now! The problem is that Hic's amazing maze is not so amazing. It does not check to see if the person running it is on the console, i.e. with: if (strncmp(ttyname(0),"/dev/w",6)==0) ... and since it did not check, it went ahead and opened /dev/window. Oh, yeah anyone can open /dev/window. It is no surprise that console input did not do anything, the program was still reading from the terminal. But, wait! there's more! Just try to remove (de-install) Hic's amazing maze. The "'" in Hic's goofs up the remove procedure, so you can't remove it. John -- John Bly Milton IV, jbm@uncle.UUCP, n8emr!uncle!jbm@osu-cis.cis.ohio-state.edu home (614) 294-4823, work (614) 764-4272; Send vi tricks, I'm making a manual
lenny@icus.islp.ny.us (Lenny Tropiano) (10/24/88)
In article <117@ureka.UUCP> charlie@ureka.UUCP (charlie crassi) writes: |> |>I had a new user to ureka call me when his terminal got hung up. What I found |>I could not explain so I hope perhaps Lenny, John, or some other UNIX-PC jock |>can assist. |> UNIX PC jock, I guess that's a complement (Thanks) ;-) |>Nobody was logged in at the console, and Duane had called in on his IBM PC |>clone running Procomm version ?? in the VT100 emulator mode. |> |>He called up the User Agent (bad no no) and selected Toybox. In Toybox he |>called up Hic's Amazing Maze from THE STORE. At this point, his terminal |>locked up and Amazing Maze fired up on the Console with nobody logged in. |>However, it only painted the first 2 screens and stayed in the 3D Maze |>entrance accepting NO keyboard input. |> Well firstly calling up the User Agent from a remote terminal is valid (although I don't particularly condone users running the user agent [one of the major security holes on the unix-pc]) The bad part was Duane called up Hic's Amazing Maze program that will *only* work on a bit-mapped screen (ie. unix-pc console), that was the bad no no. |>My questions are: |> |>1) How did this get started up on w1 ? It was running with a uid of 0. |> Well if you look at /usr/lib/ua/Toybox you will see an entry with: Name=Amazing Maze Default=Run Run=EXEC -pwd /usr/games/Amazing ^^^ The reason why it was running on w1 was /usr/games/Amazing opens up /dev/window to do all the bit-mapped screen handling. The reason it was uid 0 was because of the "p" option in the EXEC statement. If you look in the ua(4) in the User's Manual you will see the explanation of the -p option to EXEC. "-p Run the process with superuser privileges" This is the biggest security flaw the user agent has to offer... |>2) Why did it disable both terminals ? |> Well it really didn't disable your console, you could have probably switched back to the window the getty was running on and logged in fine [this I'm not sure of but in theory it should work ???] As for his terminal, it was feeding the input to the game. It's kinda weird cause I did this once at work. I was able to make the moves on the remote terminal and see the results on the unix-pc screen. If he hit the escape sequence for "EXIT" it might have fixed both screens! Stay away from programs that use the bitmapped window capabilities of the UNIX PC on remote terminals. I hope this sheds some light on your problem. -Lenny -- Lenny Tropiano ICUS Software Systems [w] +1 (516) 582-5525 lenny@icus.islp.ny.us Telex; 154232428 ICUS [h] +1 (516) 968-8576 {talcott,decuac,boulder,hombre,pacbell,sbcs}!icus!lenny attmail!icus!lenny ICUS Software Systems -- PO Box 1; Islip Terrace, NY 11752
erict@flatline.UUCP (j eric townsend) (10/25/88)
In article <117@ureka.UUCP>, charlie@ureka.UUCP (charlie crassi) writes: > My questions are: > 1) How did this get started up on w1 ? It was running with a uid of 0. Um, If Amazing Maze is like the other games, it gets run as root. If the parent process dies, it'll stay active in whatever window is open. How it got a uid of 0 is beyond me. > 2) Why did it disable both terminals ? It's God's fault. > 3) I had installed this as install. All of the permissions looked normal. It > has never happened before to my knowledge. Has any one ever had the same > or similar experience ? Other games ran OK. THIS GOES FOR EVERYBODY!!! Check your Toybox file right now, and all the related files. Many of them are run as root. If a game has an "escape to shell" option, the shell will be a *ROOT* shell. (Luckily, I, and not a user, found this out. :-) I dunno how much this helps, really, but I thought it was interesting. :-) -- "Imitation is the sincerest form of Television." - Mighty Mouse (and R. Bakshi) J. Eric Townsend smail: 511 Parker #2, Houston, Tx, 77007 Inet: COSC3AF@george.uh.edu UUCP: uunet!nuchat!flatline!erict Bitnet: COSC3AF@UHVAX1.BITNET ..!bellcore!tness1!/