From: patl@phoenix.volant.org
Date: Thu, 10 Sep 1998 10:57:59 -0700 (PDT)
Subject: Re: cat exploit
To: Jay Tribick
cc: security@FreeBSD.ORG

> That's exactly what I was saying - just for example, say you're installing
> something as root you usually cat the file INSTALL to find out what
> you need to do - it would be relatively simple to embed a command
> in there to just rm -rf / & your hd!

No, I usually 'less', 'more', or even 'emacs' it.  For two reasons.

  1) INSTALL is usually too large to fit in a single terminal window;
     sometimes too large to fit in the default scrollbuffer.

  2) It might contain characters that would make my terminal window
     do something I'd rather it didn't...

Cat should only be used to view files that are known to be small
and clean.  (E.g., /etc/motd)  If there is -any- doubt at all you
should use more, less, emacs, hd, or some other tool that is more
terminal-aware and will convert 'unprintable' characters.
-Pat
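
An added example, not part of the message above and not code from any FreeBSD tool: a Python sketch of the conversion of 'unprintable' characters that the reply asks of a terminal-aware viewer, reporting where control bytes occur so a file can be checked before it is sent to a terminal. The caret and `M-` notation follows the `cat -v` convention; the function names and the sample bytes are constructed for this illustration, and input is assumed to be plain ASCII text, so any 8-bit byte is reported.

```python
import sys

# Tab and newline are the only control bytes passed through unchanged.
SAFE_CONTROLS = {0x09, 0x0A}

def render_byte(b, passthrough=True):
    """Printable form of one byte: ^X for controls, M- prefix for 8-bit bytes."""
    if b >= 0x80:
        # Includes the 8-bit C1 controls (0x80-0x9f), which some terminals
        # interpret like ESC-prefixed sequences.
        return "M-" + render_byte(b - 0x80, passthrough=False)
    if b == 0x7F:
        return "^?"
    if b < 0x20 and not (passthrough and b in SAFE_CONTROLS):
        return "^" + chr(b + 0x40)        # e.g. ESC (0x1b) becomes ^[
    return chr(b)

def inspect(data):
    """Return (safe_text, findings); findings are (line_number, byte_value)."""
    out, findings, line = [], [], 1
    for b in data:
        shown = render_byte(b)
        if shown != chr(b):               # the byte had to be converted
            findings.append((line, b))
        out.append(shown)
        if b == 0x0A:
            line += 1
    return "".join(out), findings

# Constructed sample: an INSTALL-like text with an embedded escape sequence,
# a BEL, a carriage return and one 8-bit control byte.
SAMPLE = (b"Run ./configure first.\n"
          b"\x1b]0;constructed title\x07Then run make.\r\n"
          b"\x9b2J")

if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            data = fh.read()
    else:
        data = SAMPLE
    safe_text, findings = inspect(data)
    for line_no, value in findings:
        print("line %d: control byte 0x%02x" % (line_no, value), file=sys.stderr)
    sys.stdout.write(safe_text)
    sys.exit(1 if findings else 0)        # non-zero exit: file is not "clean"
```

Run with a file name, it prints the converted text to stdout, lists each control byte on stderr, and exits non-zero when the file contained any.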