SECURITY BUG IN INTERACTIVE UNIX SYSV386
Chip Salzenberg
chip at tct.uucp
Thu Feb 21 03:52:26 AEST 1991
According to pdg at chinet.chi.il.us (Paul Guthrie):
>I'm sick of people calling this a "gaping kind-you-can-drive-a-truck-through
>hole" in UNIX security. If it was so gaping, how come it has never come up
>here before, like so many other obscure problems?
Think about this: ANYONE CAN BECOME ROOT AT ANY TIME. That's not a
"gaping" security hole? If there ever was a bug that deserved the
description "huge, gaping, obvious, drive-a-truck-through-it", it's
this one.
>ISC was fixing this...
^^^^^^^^^^^^^^^^^^^
So far, not even the ISC people have claimed that they were fixing it
before the bug report here. If they had deemed it worth fixing, it
would have been fixed between the release of 2.2 -- the absolutely
latest date that ISC can claim ignorance -- and the release of 2.2.1.
But it wasn't; so they weren't. QED.
>"There is a terrible bug in ISC UNIX security that allows root access
>instantaneously. I have mailed the problem to ISC (or reported the bug) to
>ISC and will post the problem in 3 months. The clock is ticking ISC...."
That would not have allowed the people who care about security to
protect themselves for those three months. Yes, a coprocessor is
expensive; but would you rather have an expensive, secure system or an
inexpensive one full of holes? I know I'd turn the latter off.
--
Chip Salzenberg at Teltronics/TCT <chip at tct.uucp>, <uunet!pdn!tct!chip>
"It's not a security hole, it's a SECURITY ABYSS." -- Christoph Splittgerber
(with reference to the upage bug in Interactive UNIX and Everex ESIX)
More information about the Comp.unix.sysv386
mailing list