Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!uunet!mcsun!ukc!axion!delluk!tim From: tim@dell.co.uk (Tim Wright) Newsgroups: comp.unix.sysv386 Subject: Re: SECURITY BUG IN INTERACTIVE UNIX SYSV386 Keywords: BAD BUG Message-ID: Date: 13 Feb 91 11:41:05 GMT References: <1991Feb11.184130.11321@jwt.UUCP> <1991Feb12.020625.6779@kithrup.COM> Sender: usenet@delluk.uucp (Usenet posting login) Organization: Dell Computer Corp., Bracknell, UK Lines: 24 In <1991Feb12.020625.6779@kithrup.COM> sef@kithrup.COM (Sean Eric Fagan) writes: >In article <1991Feb11.184130.11321@jwt.UUCP> john@jwt.UUCP (John Temples) writes: >>Yikes. This also works on ESIX-D without a coprocessor, and on ISC 2.0.2 >>*with* a coprocessor. It failed on Microport 2.2 with a coprocessor. >>Now, the question is, what do we do to protect ourselves in the meantime? >Get SCO. It does not have this "feature," and still manages to support >Weitek coprocessors (the coprocessor the original poster was referring to, I >believe). (The Weitek's use memory for registers and, obviously, need to be >able to write them. The weitek registers are stuck in the upage, and >happen, in apparantly every 3.2 save SCO's, to be in the same page as the >uid stuff. *Bad*. *Very* bad.) Not entirely true. This program fails on Dell UNIX (ISC 2.0.2-derived), with or without a '387. Segmentation Violation - core dumped. 'Dunno about the weitek - I don't use F**tran unless forced :-) Tim -- Tim Wright, Dell Computer Corp. (UK) | Email address Bracknell, Berkshire, RG12 1RW | Domain: tim@dell.co.uk Tel: +44-344-860456 | Uucp: ...!ukc!delluk!tim "What's the problem? You've got an IQ of six thousand, haven't you?"