BSD tty security, part 3: How to Fix It
Steve Simmons
scs at lokkur.dexter.mi.us
Sat May 18 08:25:25 AEST 1991
brnstnd at kramden.acf.nyu.edu (Dan Bernstein) writes:
>In article <19276 at rpp386.cactus.org> jfh at rpp386.cactus.org (John F Haugh II) writes:
>> What about a case
>> where my application looks just like "passwd", but is really just
>> a pipe or somesuch (like the "pty" command) from your keyboard to
>> the real passwd command.
>Who tf cares? A sane user will never invoke such a pipe. It's not
>passwd's responsibility to check that the user is sane.
There are one hell of a lot of insane users out there. I've seen them
regularly for the past ten years.
--
"FACT: less than 10% of the psychiatrists in the US are actually
practicing cannibals." Rod Johnson
More information about the Comp.unix.wizards
mailing list