From owner-freebsd-ports Sat Jan 12 22:15: 1 2002 Delivered-To: freebsd-ports@freebsd.org Received: from wwweasel.geeksrus.net (wwweasel.geeksrus.net [64.67.200.82]) by hub.freebsd.org (Postfix) with ESMTP id 0104637B416 for ; Sat, 12 Jan 2002 22:14:58 -0800 (PST) Received: (from alane@localhost) by wwweasel.geeksrus.net (8.11.6/8.11.6) id g0D6DX674312; Sun, 13 Jan 2002 01:13:33 -0500 (EST) (envelope-from alane) Date: Sun, 13 Jan 2002 01:13:33 -0500 From: Alan Eldridge To: Ken Stailey Cc: "."@babolo.ru, freebsd-ports@FreeBSD.ORG Subject: Re: ports/33818: Bootable ITS image for KLH-10 PDP-10 emulator Message-ID: <20020113061333.GA74245@wwweasel.geeksrus.net> References: <200201130013.DAA11901@aaz.links.ru> <3C40D184.1000702@surfbest.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3C40D184.1000702@surfbest.net> User-Agent: Mutt/1.3.25i Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sat, Jan 12, 2002 at 07:15:00PM -0500, Ken Stailey wrote: >"."@babolo.ru wrote: >>For lot of emulated systems (RT-11 vXX, UNIX vXX so on) >>I have scripts that copy disk image to user's TMPDIR, for example: >>#!/bin/sh >>echo 'type "unix" first, login as root' >>cp /usr/contrib/sim/unix_v5_rk.dsk ${TMPDIR}/unix5-$$ >>echo "set cpu 18b" > ${TMPDIR}/unix5-$$-c >>echo "att rk0 ${TMPDIR}/unix5-$$" >> ${TMPDIR}/unix5-$$-c >>echo "boot rk" >> ${TMPDIR}/unix5-$$-c >>exec nice -5 pdp11 ${TMPDIR}/unix5-$$-c >> Exactly the sort of thing I was talking about. Except an install, so the user would then have a persistent disk of his/her own. >Yes you can telnet or supdup or ftp into an ITS system. ITS has no >security. You can issue commands without logging in. You can log into >someone else's account with no password because there are no passwords >on accounts. You can make up an account name and log into that. No >password file, no security. You need to read some ITS history. Try > >http://www.gnu.org/philosophy/stallman-kth.html Thanks. I am more concerned about what the emulator can do, and what files it leaves open. See above. If the emulator will allow anyone to come in, then I see having any part of it SUID root as a problem. Unless it can be linked against -lwrap, or forced to run either chrooted or in a jail. Using -lwrap.... Now there's an idea.... -- Alan Eldridge Pmmfmffmmfmp mmmpppppffmpmfpmpppff PmpMpmMpp ppfppp MpfpffmppmppMmpFmmMpm mfpmmmmmfpmpmpppff. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message