From owner-freebsd-security  Thu Sep 10 16:10:18 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id QAA21915
          for freebsd-security-outgoing; Thu, 10 Sep 1998 16:10:18 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from Kitten.mcs.com (Kitten.mcs.com [192.160.127.90])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id QAA21895
          for <security@FreeBSD.ORG>; Thu, 10 Sep 1998 16:10:10 -0700 (PDT)
          (envelope-from karl@Mars.mcs.net)
Received: from Mars.mcs.net (karl@Mars.mcs.net [192.160.127.85]) by Kitten.mcs.com (8.8.7/8.8.2) with ESMTP id SAA03462; Thu, 10 Sep 1998 18:09:57 -0500 (CDT)
Received: (from karl@localhost) by Mars.mcs.net (8.8.7/8.8.2) id SAA02966; Thu, 10 Sep 1998 18:09:57 -0500 (CDT)
Message-ID: <19980910180956.A2858@mcs.net>
Date: Thu, 10 Sep 1998 18:09:56 -0500
From: Karl Denninger <karl@denninger.net>
To: andrew@squiz.co.nz, Studded <Studded@dal.net>
Cc: Michael Richards <026809r@dragon.acadiau.ca>, security@FreeBSD.ORG
Subject: Re: terminal escape exploit (was Re: cat exploit)
References: <35F818CA.8647A116@dal.net> <Pine.BSF.3.96.980911091351.5407B-100000@aniwa.sky>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.93.2i
In-Reply-To: <Pine.BSF.3.96.980911091351.5407B-100000@aniwa.sky>; from Andrew McNaughton on Fri, Sep 11, 1998 at 09:19:42AM +1200
Organization: Karl's Sushi and Packet Smashers
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Fri, Sep 11, 1998 at 09:19:42AM +1200, Andrew McNaughton wrote:
> On Thu, 10 Sep 1998, Studded wrote:
> 
> > 	It seems to me that a lot of people missed the point of one of the
> > warnings that someone else posted in response actually.  Don't use cat
> > routinely to view files. Use more, or better yet less since less doesn't
> > view binary files by default.
> 
> It's not just cat that you've got to worry about.  tail is another one. 
> How many people routinely use 'tail -f' to monitor log info that includes
> potentially tainted content. 
> 
> The problem is not cat.  It's xterm and other similar terminal programs.
> 
> Andrew

The problem is TERMINALS.

You can't bitch that an EMULATOR does exactly what it is claimed to do -
emulate the REAL DEVICE.

This "exploit" is so old its crusty; it is quite possible to do this on a
VT-52 (yes, a real Vt-52, you know those terminals that weighed about 100
lbs, had a dinky little screen, were made by DEC and haven't been seen in
some 15 years?  Yes, those.)

--
-- 
Karl Denninger (karl@denninger.net)
Voice: 312-803-6271 x219     

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message