BSD tty security, part 3: How to Fix It

Dan Bernstein brnstnd at kramden.acf.nyu.edu
Wed May 22 08:03:31 AEST 1991


In article <19317 at rpp386.cactus.org> jfh at rpp386.cactus.org (John F Haugh II) writes:
> What
> happens to a trojan horse that gains access to the =PTY= =AFTER=
> the user logs in?

If that can happen, then you're not talking about a Trojan Horse; you're
talking about a complete failure in security. If a program can do that,
it can redirect all further input from and output to the terminal, and
the user is up the creek. Why do you care what happens past that?

What I'm doing is making sure that such programs won't get access to the
pseudo-tty in the first place. *That's* security.

---Dan



More information about the Comp.unix.wizards mailing list