BSD tty security, part 3: How to Fix It
John F Haugh II
jfh at rpp386.cactus.org
Mon May 20 23:47:53 AEST 1991
In article <3690:May1921:22:5191 at kramden.acf.nyu.edu> brnstnd at kramden.acf.nyu.edu (Dan Bernstein) writes:
>Can you please stop repeating the same stupid little question? If you
>can't understand Bellovin's explanations or my explanations or the
>series of diagrams above, I give up.
No. Not until you figure out that I don't care about the TTY line
and I don't care about what happens before the user logs in. What
happens to a trojan horse that gains access to the =PTY= =AFTER=
the user logs in? The purpose (go read the Orange Book if you
don't believe me) of Trusted Path and SAK and so on is to insure
positive TCB to User (and vice versa) communication. If you change
the point of attack from the hardwired tty port to the PTY device
and don't make it any more difficult to violate, all you've done
is moved the problem. You diagram completely and totally misses
the point.
--
John F. Haugh II | Distribution to | UUCP: ...!cs.utexas.edu!rpp386!jfh
Ma Bell: (512) 255-8251 | GEnie PROHIBITED :-) | Domain: jfh at rpp386.cactus.org
"If liberals interpreted the 2nd Amendment the same way they interpret the
rest of the Constitution, gun ownership would be mandatory."
More information about the Comp.unix.wizards
mailing list