From owner-freebsd-security Thu Sep 10 14:44:36 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id OAA04253 for freebsd-security-outgoing; Thu, 10 Sep 1998 14:44:36 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from puck.nether.net (puck.nether.net [204.42.254.5]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id OAA04238 for ; Thu, 10 Sep 1998 14:44:30 -0700 (PDT) (envelope-from jared@puck.nether.net) Received: (from jared@localhost) by puck.nether.net (8.9.0/8.7.3) id RAA12480; Thu, 10 Sep 1998 17:19:19 -0400 Message-ID: <19980910171918.E12040@puck.nether.net> Date: Thu, 10 Sep 1998 17:19:18 -0400 From: Jared Mauch To: Aleph One , "Jordan K. Hubbard" Cc: Michael Richards <026809r@dragon.acadiau.ca>, security@FreeBSD.ORG Subject: Re: cat exploit References: <17574.905449550@time.cdrom.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.93.2i In-Reply-To: ; from Aleph One on Thu, Sep 10, 1998 at 03:01:32PM -0500 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, Sep 10, 1998 at 03:01:32PM -0500, Aleph One wrote: > On Thu, 10 Sep 1998, Jordan K. Hubbard wrote: > > > The problem is that Jay's message didn't actually have a point. :) > > > > Rather, it described a symtom common to most VT100 compliant terminal > > emulators and something very clearly under the "well don't DO that then" > > category. It's nothing new at all and if you're not sure of the > > contents of a file, don't just blindly cat it to your screen. The > > same goes for any binary I might hand you - if I put up a file on > > an FTP site called ``megaspacewar.exe'' and you go and run it on your > > Windows box and it trojans you to death (or worse), who's fault is > > that? :-) Same basic issue. > > Whoa! If you dont know the contents of a file dont read it. If you dont > read a file you dont know its contents. Thats some really useful > suggestion. Silly rabbit, tricks are for kids. What you really need to do is using a modern file(1), or more specifically file with a modern magic(5) file, you can determine the best way to view it. About downloading something then executing it, that's a whole other can of worms, because in downloading it, you put it on your computer specifically, and if you run it not knowing what it is, you're asking for trouble (IMHO). If it's something from out of a box, talk to people about fixing the license under which software is distributed. See http://cnn.com/TECH/computing/9809/09/lawmakers.idg/ for a related story. Using more/less/view/vi/emacs/pico/od to view the file would be a much better choice than cat, or at least use cat -v | more. if you want a machine that makes it tougher to view a binary file, go buy a mac. - jared -- Jared Mauch | pgp key available via finger from jared@puck.nether.net | http://puck.nether.net/~jared/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message