Path: utzoo!utgpu!water!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!rutgers!ucsd!ucsdhub!jack!elgar!ag From: ag@elgar.UUCP (Keith Gabryelski) Newsgroups: comp.unix.xenix Subject: Re: Printscreen capability? SECURITY HOLE Summary: But there is a way around it. Keywords: printscreen Message-ID: <219@elgar.UUCP> Date: 13 Aug 88 17:17:40 GMT References: <364@gt-eedsp.UUCP> <510@sysco> <414@uport.UUCP> Reply-To: ag@elgar.UUCP (Keith Gabryelski) Distribution: na Organization: Elgar Corporation, San Diego, CA Lines: 27 In article <414@uport.UUCP> plocher@uport.UUCP (John Plocher) writes: >In article <510@sysco> chapman@sco.COM (brian chapman) writes: >>>Is a printscreen capability available in Xenix? >>Yes >>ESC x x x Send screen to host. > >and whenever root is logged onto the console: > > write root < x > >This security hole is one reason that many sysadmins don't use terminals >with a "block mode". Adding this to the console driver is a very subtle >way to compromise a system. This is one reason why many sysadmins have "mesg n" in their .profile. Piece 'o cake. Pax, Keith Ps, I haven't looked into where in the news code articles get rejected if they have less message then inclusion, but it is going to get ripped out as soon as I have posted this article. -- "If green is all there is to be, then green is good enough for me" - ktf [ Keith ] UUCP: {ucsd, cbosgd!crash, sdcsvax!crash, nosc!crash}!elgar!ag [Gabryelski] INET: ag@elgar.cts.com ARPA: elgar!ag@ucsd.edu