BSD tty security, part 3: How to Fix It
Dan Bernstein
brnstnd at kramden.acf.nyu.edu
Sun Apr 28 00:35:39 AEST 1991
(Note that the changes to ``write'' being discussed here are entirely
optional suggestions; only steps 1-12 are necessary to fix the basic
problems.)
In article <12535 at dog.ee.lbl.gov> Jef Poskanzer <jef at well.sf.ca.us> writes:
> Our version does make control chars visible. Checking the permissions
> on the recipient before each line is a good idea. The rest of your
> changes are disgusting.
Well, I'm glad you agree with two of them, but I'd like to ask the net's
opinion on the other two. Let me split this into three questions:
1. Do people think it's a problem that lines from ``write'' are not
identified? If nothing else, I like the ability to carry on two or three
write conversations at once without getting totally confused. If others
don't like this, though, then I'll stop pushing for it.
2. Do people think it's a problem that someone can start a ``write'',
then just type EOF or EOT to simulate ending it, then continue typing
without identification? While most experienced users will guess exactly
what's going on, novice users are really up the creek. Does anyone agree
with Jef that it's ``disgusting'' to see
Message from operator at kramden on ttyp7 at 10:24 ...
operator: this is where the text goes
operator: and so on
End of message from operator at kramden on ttyp7 at 10:25
instead of
Message from operator at kramden on ttyp7 at 10:24 ...
this is where the text goes
and so on
EOF
Maybe I'm biased from my RELAY days, but I really find the first format
more informative.
3. Do people think it's a problem that ``write'' can flood a terminal
with output before the recipient has a chance to react? My version
limits output to 500 characters per line and one line a second. Does
anyone think that this affects legitimate uses of ``write''? If not, is
there any harm in adding the protection against accidents and abuse?
---Dan
More information about the Comp.unix.wizards
mailing list