Xref: utzoo comp.unix.wizards:13189 news.sysadmin:1825
Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!mailrus!uwmcsd1!marque!uunet!rosevax!news
From: news@rosevax.Rosemount.COM (News administrator)
Newsgroups: comp.unix.wizards,news.sysadmin
Subject: Trojan horse newsreader FIX
Message-ID: <6797@rosevax.Rosemount.COM>
Date: 5 Dec 88 20:19:30 GMT
Reply-To: merlyn@ernie.rosemount.com
Organization: Rosemount Inc., Eden Prairie, MN
Lines: 25

Here is a fix for the newsreader trojan horse I posted last week.
Change your newsreader to do:

/full/path/vi '+set nomodeline' filename

...whenever it will invoke vi (or ex)

The '+set nomodeline' happens after the .exrc and EXINIT stuff,
and will prevent vi commands from executing.  However, a strange
side-effect seems to lock up vi iff:

1) modeline is normally on (default or in .exrc or EXINIT)
2) '+set nomodeline' overrides it, and
3) there are commands that would've been interpreted

An interrupt (^C or whatever) at this point will kick vi and go
into edit mode, without executing the commands.

This fix should go into any newsreaders that include text and enter vi.

I report 'em AND fix 'em.

------
Merlyn LeRoy
If you have the bug, you won't be able to (R)eply ex:q: