Path: utzoo!mnetor!tmsoft!torsqnt!news-server.csri.toronto.edu!cs.utexas.edu!uunet!fub!dobag.in-berlin.de!lumpi From: lumpi@dobag.in-berlin.de (Joern Lubkoll) Newsgroups: comp.unix.sysv386 Subject: Re: SECURITY BUG IN INTERACTIVE UNIX SYSV386 Keywords: BAD BUG Message-ID: <5A5NGEK@dobag.in-berlin.de> Date: 12 Feb 91 22:51:11 GMT References: <1991Feb11.184130.11321@jwt.UUCP> <1991Feb12.020625.6779@kithrup.COM> Organization: Dobag Computer Systems Berlin Lines: 21 sef@kithrup.COM (Sean Eric Fagan) writes: >In article <1991Feb11.184130.11321@jwt.UUCP> john@jwt.UUCP (John Temples) writes: >>Yikes. This also works on ESIX-D without a coprocessor, and on ISC 2.0.2 >>*with* a coprocessor. It failed on Microport 2.2 with a coprocessor. >>Now, the question is, what do we do to protect ourselves in the meantime? >Get SCO. It does not have this "feature," and still manages to support >Weitek coprocessors (the coprocessor the original poster was referring to, I >believe). (The Weitek's use memory for registers and, obviously, need to be >able to write them. The weitek registers are stuck in the upage, and >happen, in apparantly every 3.2 save SCO's, to be in the same page as the >uid stuff. *Bad*. *Very* bad.) The problem in interactive is not weitek dependend, it is a problem with the coprocessor emulator, if there is no coprocessor present ! I never tried toete.c having a weitek coprocessor, due to dobag being an 486 without an weitek. I would be interested in any note about it. mfg. JL -- lumpi@dobag.in-berlin.de -- "Nothing is the complete absence of everything."