Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!linus!philabs!cmcl2!floyd!vax135!ariel!hou5f!orion!houca!hogpc!houxm!houxf!ihnp4!ucbvax!nbires!erewhon!WrongLogin From: WrongLogin@erewhon.UUCP Newsgroups: net.bugs.4bsd Subject: Re: TIOCCDTR (bug|feature) Message-ID: <330@houxf.UUCP> Date: Fri, 17-Jun-83 18:09:37 EDT Article-I.D.: houxf.330 Posted: Fri Jun 17 18:09:37 1983 Date-Received: Tue, 21-Jun-83 14:14:32 EDT Lines: 22 I'm going to echo Kenneth Almquist's comment that we shouldn't hack the terminal drivers to prevent one user from stty'ing another user's writable terminal when escape sequences are just as bad. Two years ago, there was a discovery at Berkeley that the press mangled into "Nasty college students find HUGE security hole in UNIX" (The "UNIX" being a computer made by DEC.) What really happened was a rediscovery of the fact that many computer terminals respond to escape sequences. On an HP terminal, a escape sequence will cause the terminal to echo whatever is currently on the screen, and the computer or course assumes that this was typed by the user. Thus you could write: stty 0onto somebody's terminal, and zap him/her just as badly. (For that matter, there is a "Disconnect Modem" sequence that will do the same job much faster. I once had a good game of rogue interrupted by someone who had been discussing UNIX security with me.) Ann Nonymous @ erewhon