Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!uwm.edu!cs.utexas.edu!tut.cis.ohio-state.edu!pt.cs.cmu.edu!b.gp.cs.cmu.edu!Ralf.Brown@B.GP.CS.CMU.EDU
From: Ralf.Brown@B.GP.CS.CMU.EDU
Newsgroups: comp.sys.ibm.pc
Subject: Re: Procomm Plus can provide transparent file transfers
Message-ID: <25b8625e@ralf>
Date: 20 Jan 90 12:06:38 GMT
Sender: ralf@b.gp.cs.cmu.edu
Organization: Carnegie Mellon University School of Computer Science
Lines: 30
In-Reply-To: <5782@ncrwic.Wichita.NCR.COM>

In article <5782@ncrwic.Wichita.NCR.COM>, mregeste@ncrwic.Wichita.NCR.COM (Mark Regester) wrote:
}In article <170@nccnat.yorku.ca> shields@nccn.yorku.ca writes:
}See page 197 of the Procomm Plus manual. In vt102 emulation, and
}others, if you send the string ^script_file_command, you
}can execute any Procomm Plus command file command. We automated
}downloads by "echo"ing the "getfile xmodem" command to Procomm Plus
}and then executing the "sz" command on our Tower.
}
}Here is a section of the code we used:
}
}    echo "\033^dos \"del $3\"\r\c"    # delete the file before download
}    echo "\033^getfile xmodem \"$3\"\r\c"
}    sz -aX $2

You realize, of course, that such a feature is a dangerous security hole.
What if someone sends you mail with Esc^DOS "DEL *.*" or Esc^SEND "rm -rf ~\r"
(or whatever the transmit-string command is in ProComm+) embedded in the text?

See alt.hackers for a discussion of this security problem in conjunction with
terminal answerback buffers and ^W.
--
UUCP: {ucbvax,harvard}!cs.cmu.edu!ralf -=- 412-268-3053 (school) -=- FAX: ask
ARPA: ralf@cs.cmu.edu  BIT: ralf%cs.cmu.edu@CMUCCVMA  FIDO: Ralf Brown 1:129/46
"How to Prove It" by Dana Angluin              Disclaimer? I claimed something?
14. proof by importance:
    A large body of useful consequences all follow from the proposition in
    question.
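
A host-side mitigation for the problem raised in the post above, as an added example that is not part of the original post or of Procomm Plus: untrusted text such as a mail body is scanned for the ESC `^` trigger and rewritten in caret notation before it reaches the terminal emulator. The trigger shape (ESC, `^`, command, CR) is taken from the quoted `echo` lines; the function names and the sample message are constructed for illustration.

```python
import re

# Every C0 control except TAB and LF, plus DEL and the 8-bit C1 range
# (C1 includes 0x9b, the single-byte form of ESC [).
CONTROL = re.compile(r"[\x00-\x08\x0b-\x1f\x7f\x80-\x9f]")

# Trigger shape taken from the quoted script: ESC, '^', command text, then CR.
ESC_CARET = re.compile(r"\x1b\^([^\r\n]*)")


def find_embedded_commands(text):
    """Return (line_number, command_text) for each ESC ^ sequence in text."""
    hits = []
    for lineno, line in enumerate(text.split("\n"), 1):
        hits.extend((lineno, m.group(1)) for m in ESC_CARET.finditer(line))
    return hits


def make_visible(text):
    """Rewrite control characters in caret notation so a terminal emulator
    displays them as ordinary text instead of acting on them."""
    def caret(match):
        code = ord(match.group())
        if code == 0x7F:
            return "^?"
        if code < 0x20:
            return "^" + chr(code + 0x40)
        return "M-^" + chr(code - 0x40)   # C1: 0x9b -> "M-^["
    # CRLF line endings are legitimate; any CR left over is a bare CR.
    return CONTROL.sub(caret, text.replace("\r\n", "\n"))


# Constructed sample message body (not from the post); the embedded command
# is a harmless directory listing.
SAMPLE = 'Hello,\r\nsee below\x1b^dos "dir"\rthanks\n'

if __name__ == "__main__":
    for lineno, command in find_embedded_commands(SAMPLE):
        print("line %d: embedded emulator command: %r" % (lineno, command))
    print(make_visible(SAMPLE), end="")
```

Run over the constructed sample, the filter reports the embedded command on line 2 and prints it as literal `^[^dos "dir"^M`, which the emulator shows as text rather than executing.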