Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!linus!philabs!cmcl2!floyd!vax135!ariel!hou5f!orion!houca!hogpc!houxm!houxf!ihnp4!ucbvax!nbires!erewhon!WrongLogin
From: WrongLogin@erewhon.UUCP
Newsgroups: net.bugs.4bsd
Subject: Re: TIOCCDTR (bug|feature)
Message-ID: <330@houxf.UUCP>
Date: Fri, 17-Jun-83 18:09:37 EDT
Article-I.D.: houxf.330
Posted: Fri Jun 17 18:09:37 1983
Date-Received: Tue, 21-Jun-83 14:14:32 EDT
Lines: 22

I'm going to echo Kenneth Almquist's comment that we shouldn't hack
the terminal drivers to prevent one user from stty'ing another
user's writable terminal when escape sequences are just as bad.

Two years ago, there was a discovery at Berkeley that the press
mangled into "Nasty college students find HUGE security hole in
UNIX" (The "UNIX" being a computer made by DEC.)

What really happened was a rediscovery of the fact that many
computer terminals respond to escape sequences.  On an HP terminal,
a escape sequence will cause the terminal to echo whatever is
currently on the screen, and the computer or course assumes that
this was typed by the user.  Thus you could write:
	stty 0 
onto somebody's terminal, and zap him/her just as badly.

(For that matter, there is a "Disconnect Modem" sequence that will
do the same job much faster.  I once had a good game of rogue
interrupted by someone who had been discussing UNIX security with
me.)

				Ann Nonymous @ erewhon