Path: utzoo!utgpu!water!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!rutgers!ucsd!ucsdhub!jack!elgar!ag
From: ag@elgar.UUCP (Keith Gabryelski)
Newsgroups: comp.unix.xenix
Subject: Re: Printscreen capability? SECURITY HOLE
Summary: But there is a way around it.
Keywords: printscreen
Message-ID: <219@elgar.UUCP>
Date: 13 Aug 88 17:17:40 GMT
References: <364@gt-eedsp.UUCP> <510@sysco> <414@uport.UUCP>
Reply-To: ag@elgar.UUCP (Keith Gabryelski)
Distribution: na
Organization: Elgar Corporation, San Diego, CA
Lines: 27


 In article <414@uport.UUCP> plocher@uport.UUCP (John Plocher) writes:
 >In article <510@sysco> chapman@sco.COM (brian chapman) writes:
 >>>Is a printscreen capability available in Xenix?
 >>Yes
 >>ESC x x x	Send screen to host.
 >
 >and whenever root is logged onto the console:
 >
 >	write root < x
 >
 >This security hole is one reason that many sysadmins don't use terminals
 >with a "block mode".  Adding this to the console driver is a very subtle
 >way to compromise a system.

 This is one reason why many sysadmins have "mesg n" in their .profile.
 Piece 'o cake.

 Pax, Keith

Ps, I haven't looked into where in the news code articles get rejected
if they have less message then inclusion, but it is going to get
ripped out as soon as I have posted this article.
-- 
  "If green is all there is to be, then green is good enough for me" - ktf
[  Keith   ]  UUCP: {ucsd, cbosgd!crash, sdcsvax!crash, nosc!crash}!elgar!ag
[Gabryelski]  INET: ag@elgar.cts.com                 ARPA: elgar!ag@ucsd.edu