Date: Fri, 11 Sep 1998 01:26:11 -0400 (EDT) From: Snob Art Genre <benedict@echonyc.com> To: Jamie Lawrence <jal@ThirdAge.com> Cc: Aleph One <aleph1@dfw.net>, security@FreeBSD.ORG Subject: Re: cat exploit Message-ID: <Pine.GSO.4.02.9809110115070.27098-100000@echonyc.com> In-Reply-To: <3.0.5.32.19980910144756.01d24c70@204.74.82.151>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 10 Sep 1998, Jamie Lawrence wrote: > At 03:01 PM 9/10/98 -0500, Aleph One wrote: > > >How about something more practical? Like being able to turn off this > >"feature". > > "rm /bin/cat" Cat has little to do with the issue under discussion, despite the subject line. Escape sequences can come from talk requests, naive write(1)-like programs or naive network clients (I have seen the first two, and the third is likely). Unless I missed it, nobody has defended the xterm feature in question on any basis except that that's how it's always been done. I also didn't notice any reports of recent exploits. I'd like to hear a wider variety of opinions on the matter -- in particular, I wonder if anyone still uses the feature for anything, and if it's been exploited. I don't understand why you're so dismissive about it. Ben "You have your mind on computers, it seems." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.02.9809110115070.27098-100000>