Date: Fri, 11 Sep 1998 01:26:11 -0400 (EDT)
From: Snob Art Genre
Reply-To: ben@rosengart.com
To: Jamie Lawrence
cc: Aleph One, security@FreeBSD.ORG
Subject: Re: cat exploit
Sender: owner-freebsd-security@FreeBSD.ORG

On Thu, 10 Sep 1998, Jamie Lawrence wrote:

> At 03:01 PM 9/10/98 -0500, Aleph One wrote:
>
> >How about something more practical? Like being able to turn off this
> >"feature".
>
> "rm /bin/cat"

Cat has little to do with the issue under discussion, despite the
subject line. Escape sequences can come from talk requests, naive
write(1)-like programs or naive network clients (I have seen the first
two, and the third is likely).

Unless I missed it, nobody has defended the xterm feature in question on
any basis except that that's how it's always been done. I also didn't
notice any reports of recent exploits. I'd like to hear a wider variety
of opinions on the matter -- in particular, I wonder if anyone still
uses the feature for anything, and if it's been exploited.

I don't understand why you're so dismissive about it.

Ben

"You have your mind on computers, it seems."
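Added example, not part of the original message or of any FreeBSD code: one way a write(1)-like program can avoid passing a sender's escape sequences to the recipient's terminal is to rewrite control bytes in caret and M- notation before output. The function name `tty_safe_copy` and the sample input are constructed for illustration; note that 8-bit bytes are covered too, since 0x9b acts as CSI on terminals that honour C1 controls.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: copy untrusted message bytes into out, rewriting
 * every byte a terminal could treat as a control function. Newline and
 * tab pass through; other controls become ^X, 8-bit bytes become M-x.
 * Returns the output length (without the NUL), or (size_t)-1 if out is
 * too small. */
size_t tty_safe_copy(const unsigned char *in, size_t len, char *out, size_t cap)
{
    size_t o = 0;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = in[i];
        char buf[4];
        size_t n = 0;
        int meta = c >= 0x80;          /* includes C1 controls, e.g. 0x9b */
        if (meta) {
            buf[n++] = 'M';
            buf[n++] = '-';
            c &= 0x7f;
        }
        if (!meta && (c == '\n' || c == '\t')) {
            buf[n++] = (char)c;        /* harmless layout characters */
        } else if (c < 0x20 || c == 0x7f) {
            buf[n++] = '^';            /* ESC (0x1b) becomes "^[" */
            buf[n++] = (char)(c ^ 0x40);
        } else {
            buf[n++] = (char)c;        /* printable ASCII */
        }
        if (o + n >= cap)              /* keep room for the NUL */
            return (size_t)-1;
        memcpy(out + o, buf, n);
        o += n;
    }
    if (cap == 0)
        return (size_t)-1;
    out[o] = '\0';
    return o;
}

int main(void)
{
    /* Constructed sample: a 7-bit ESC sequence and an 8-bit CSI byte. */
    const unsigned char msg[] = "\x1b[1mhi\x9b" "0m\n";
    char out[64];
    if (tty_safe_copy(msg, sizeof msg - 1, out, sizeof out) != (size_t)-1)
        fputs(out, stdout);
    return 0;
}
```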