Slaying Gould dragon with a wooden horse
Bob Page
page at ulowell.UUCP
Sun Nov 2 03:34:10 AEST 1986
wcs at ho95e.UUCP (Bill Stewart) wrote in article <1056 at ho95e.UUCP>:
> ... Most CRTs have a block=transfer mode that can be exploited
> by a letter-bomb.
Anybody who reads mail as root deserves to get a letter bomb!
You should forward root's mail to non-priv'd accounts, and keep
`mesg n' and `biff n' (a Berkeleyism) so people/daemons can't write
to root's terminal. You can hack su(1) to do this for you, including
catching the suspend/wakeup signals to restore biff/mesg as you
bounce in and out of `su' state.
Harder to deal with: If you log in as root on the console and somebody
sends a message via syslog(3). Anybody found a resonable defense against
this, other than ``don't use block-mode terminals for consoles'' (an
academic question, we don't anyway) or ``don't log in to the console''?
..Bob
--
UUCP: wanginst!ulowell!page Bob Page, U of Lowell CS Dept
VOX: +1 617 452 5000 x2976 Lowell MA 01854 USA
More information about the Comp.unix.wizards
mailing list