From owner-freebsd-security  Thu Sep 10 15:27:40 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id PAA13903
          for freebsd-security-outgoing; Thu, 10 Sep 1998 15:27:40 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from time.cdrom.com (time.cdrom.com [204.216.27.226])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id PAA13898
          for <security@FreeBSD.ORG>; Thu, 10 Sep 1998 15:27:38 -0700 (PDT)
          (envelope-from jkh@time.cdrom.com)
Received: from time.cdrom.com (jkh@localhost.cdrom.com [127.0.0.1])
	by time.cdrom.com (8.8.8/8.8.8) with ESMTP id PAA18493;
	Thu, 10 Sep 1998 15:24:48 -0700 (PDT)
	(envelope-from jkh@time.cdrom.com)
To: rotel@indigo.ie
cc: Studded <Studded@dal.net>, Michael Richards <026809r@dragon.acadiau.ca>,
        security@FreeBSD.ORG
Subject: Re: cat exploit 
In-reply-to: Your message of "Thu, 10 Sep 1998 22:21:04 -0000."
             <199809102121.WAA01790@indigo.ie> 
Date: Thu, 10 Sep 1998 15:24:48 -0700
Message-ID: <18489.905466288@time.cdrom.com>
From: "Jordan K. Hubbard" <jkh@time.cdrom.com>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

> to this problem.  The issue is that the terminal emulator doesn't
> have an option to disable the features which are dangerous (which
> should be disabled by default).  This is a subtle attack which can

I think most people have gotten used to that fact over the 15+ years
where actual terminals which did this were no less dangerous.  I sure
did.  Geeze, the kids these days - no perspective at all! :-)

> Perhaps someone will now be prompted to make the necessary changes. :)

Somehow, I doubt it.  This is the kind of issue which people are
willing to whine about but seldom act upon. :)

- Jordan

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message