BSD tty security, part 3: How to Fix It
Neil Rickert
rickert at mp.cs.niu.edu
Sun Apr 28 04:22:35 AEST 1991
In article <15896:Apr2714:35:3991 at kramden.acf.nyu.edu> brnstnd at kramden.acf.nyu.edu (Dan Bernstein) writes:
>Well, I'm glad you agree with two of them, but I'd like to ask the net's
>opinion on the other two. Let me split this into three questions:
I, for one, like your changes. Until they are in place I will continue
my practice of putting 'mesg n' in my .login file
>3. Do people think it's a problem that ``write'' can flood a terminal
>with output before the recipient has a chance to react? My version
>limits output to 500 characters per line and one line a second. Does
>anyone think that this affects legitimate uses of ``write''? If not, is
>there any harm in adding the protection against accidents and abuse?
We had one user here who wrote a daemon to do this to every new person who
logged on. I was sure glad I had 'mesg n' in my .login . Even so I had to
wait a while for the end of his buffer before I could get in and kill
his daemon and suspend his account. (Just as well he was a novice user, or
he could have made things more difficult.)
--
=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
Neil W. Rickert, Computer Science <rickert at cs.niu.edu>
Northern Illinois Univ.
DeKalb, IL 60115 +1-815-753-6940
More information about the Comp.unix.wizards
mailing list