Path: utzoo!utgpu!news-server.csri.toronto.edu!rutgers!cs.utexas.edu!uunet!zephyr.ens.tek.com!gvgpsa!treehouse!andyp
From: andyp@treehouse.UUCP (Andy Peterman)
Newsgroups: comp.unix.aux
Subject: Re: Questions asked about security
Message-ID: <671@treehouse.UUCP>
Date: 29 Dec 90 04:46:07 GMT
References: <1990Dec28.213517.23620@nada.kth.se>
Organization: The Treehouse
Lines: 28

In article <1990Dec28.213517.23620@nada.kth.se> d88-jwa@nada.kth.se (Jon W{tte) writes:
>
>WHen you log on to an A/UX system, and just drop the modem
>(as in, your sister walks in and picks up the phone ;-) you
>get back into the session when you dial again. This is all
>very well for those who were right in the middle of editing
>something, but I consider it a major security hazard.
>
>How do I get the thing to throw out any processes belonging
>to a terminal that drops the carrier ?

Make sure your inittab line which spawns the getty process is using one
of the 'mo_' options for getty, such as:

du:2a:respawn:/etc/getty tty0 mo_2400   #port tty0; set to "respawn"

Then also make sure your modem is indeed dropping the handshake line
when it loses carrier.  One way to test this is to connect to the modem
with 'cu' and then reset the modem (ATZ) which should drop DCD or DSR,
whichever you might be using for carrier detect, and 'cu' should report a 
lost connection.  If this works and you're using an 'mo_' option (which
has the HUPCL hangup flag), then users should be logged out on loss of
carrier.

-- 
Andy Peterman                       |   Opinions expressed
treehouse!andyp@gvgpsa.gvg.tek.com  | are definitely those of
(916) 273-4569                      |      my employer!