From owner-freebsd-security Thu Sep 10 14:49:30 1998
Return-Path:
Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id OAA05232 for freebsd-security-outgoing; Thu, 10 Sep 1998 14:49:30 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from stage1.thirdage.com (stage1.ThirdAge.com [204.74.82.151]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id OAA05219 for ; Thu, 10 Sep 1998 14:49:28 -0700 (PDT) (envelope-from jal@ThirdAge.com)
Received: from gigi (gigi.ThirdAge.com [204.74.82.169]) by stage1.thirdage.com (8.8.5/8.8.5) with SMTP id OAA17647; Thu, 10 Sep 1998 14:44:22 -0700 (PDT)
Message-Id: <3.0.5.32.19980910144756.01d24c70@204.74.82.151>
X-Sender: jal@204.74.82.151
X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.5 (32)
Date: Thu, 10 Sep 1998 14:47:56 -0700
To: Aleph One
From: Jamie Lawrence
Subject: Re: cat exploit
Cc: security@FreeBSD.ORG
In-Reply-To:
References: <17574.905449550@time.cdrom.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

At 03:01 PM 9/10/98 -0500, Aleph One wrote:
>> Rather, it described a symptom common to most VT100 compliant terminal
>> emulators and something very clearly under the "well don't DO that then"
>> category. It's nothing new at all and if you're not sure of the
>> contents of a file, don't just blindly cat it to your screen. The
>> same goes for any binary I might hand you - if I put up a file on
>> an FTP site called ``megaspacewar.exe'' and you go and run it on your
>> Windows box and it trojans you to death (or worse), whose fault is
>> that? :-) Same basic issue.
>
>Whoa! If you don't know the contents of a file don't read it. If you don't
>read a file you don't know its contents. That's some really useful
>suggestion.

Aleph, you should know better. This 'problem' has been around for ages.
Doing things that have been known to be dangerous for years as root is not
something any Unix that I know of tries to protect against.

>How about something more practical? Like being able to turn off this
>"feature".

"rm /bin/cat"

Or, not cat'ing unknown files as root. Or as your own username, depending on
your threat model. Or use a utility that strips control sequences.

>> - Jordan
>
>Aleph One / aleph1@dfw.net

-j
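One way to build the "utility that strips control sequences" the reply suggests, as an added example that is not from this thread or from FreeBSD's own code: a C function that removes ESC-introduced CSI and OSC sequences and stray C0/C1 control bytes from untrusted input before it reaches the terminal (strip_ctl and strip_ctl_copy are hypothetical names; the sample strings are constructed).

```c
#include <stddef.h>
#include <string.h>

/* Copy in[0..n) to out (at least n bytes), dropping terminal control sequences:
 *  - CSI: ESC [ params... final byte (0x40..0x7E)
 *  - OSC: ESC ] ... terminated by BEL (0x07) or ST (ESC \)
 *  - any other ESC x pair
 *  - every other C0 control byte except TAB and LF, plus DEL and C1 (0x80..0x9F).
 * Safe to call with in == out (the output never runs ahead of the input).
 * Returns the number of bytes written. */
size_t strip_ctl(const unsigned char *in, size_t n, unsigned char *out)
{
    size_t i = 0, o = 0;
    while (i < n) {
        unsigned char c = in[i];
        if (c == 0x1B) {                                  /* ESC */
            if (i + 1 < n && in[i + 1] == '[') {          /* CSI */
                i += 2;
                while (i < n && !(in[i] >= 0x40 && in[i] <= 0x7E))
                    i++;
                if (i < n) i++;                           /* final byte */
            } else if (i + 1 < n && in[i + 1] == ']') {   /* OSC */
                i += 2;
                while (i < n) {
                    if (in[i] == 0x07) { i++; break; }
                    if (in[i] == 0x1B && i + 1 < n && in[i + 1] == '\\') { i += 2; break; }
                    i++;
                }
            } else {
                i += (i + 1 < n) ? 2 : 1;                 /* ESC x, or trailing ESC */
            }
        } else if (c == '\n' || c == '\t' || (c >= 0x20 && c < 0x7F) || c >= 0xA0) {
            out[o++] = c;                                 /* printable: keep */
            i++;
        } else {
            i++;                                          /* other control byte: drop */
        }
    }
    return o;
}

/* Strip a NUL-terminated string into a static buffer and return it (demo helper, not thread-safe). */
const char *strip_ctl_copy(const char *s)
{
    static unsigned char buf[1024];
    size_t n = strlen(s);
    if (n >= sizeof buf) n = sizeof buf - 1;
    buf[strip_ctl((const unsigned char *)s, n, buf)] = '\0';
    return (const char *)buf;
}
```

A pager-style filter would read the file in chunks, pass each through strip_ctl, and only then write to the terminal; note that CR is dropped along with the other C0 bytes, so CRLF input comes out as LF.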