Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!uunet!nuchat!steve From: steve@nuchat.sccsi.com (Steve Nuchia) Newsgroups: comp.unix.sysv386 Subject: Re: SECURITY BUG IN INTERACTIVE UNIX SYSV386 Keywords: BAD BUG Message-ID: <1991Feb23.215707.2433@nuchat.sccsi.com> Date: 23 Feb 91 21:57:07 GMT References: <1991Feb16.214824.2790@kithrup.COM> <1991Feb19.015227.26159@nuchat.sccsi.com> <54805@bigtex.cactus.org> Organization: South Coast Computing Services, Inc. Houston Lines: 41 In <1991Feb19.015227.26159@nuchat.sccsi.com>, I wrote >> Unmitigated bullshit. To which came the reply: In article <54805@bigtex.cactus.org> james@bigtex.cactus.org (James Van Artsdalen) writes: >oh? I see you haven't thought the problem through yet. ... >Now, think about sdb, and then propose a solution. Yeah ok, I forgot about the debugger. One more reason why you'd really like to have the emulator keep its data in the u area. It would be possible to fix the debugger -- it isn't like it is portable code anyway -- but yuk. >Remember, we're not out to remove things from the u block, only to >make sure that important things aren't writable. Those are very >different goals. The point I intended to make, which was obscured by my ill-considered phrasing, was that any number of convenience or performance considerations can never justify leaving a security hole like that open. >Also, remember that Sean is talking about SCO's *solution*, which >already works and is in the field. Until yours is implemented and >working, don't be so quick to criticize. Hmmm... I reread his article and couldn't see how you figure that. I must have missed some context. It looked to me like he was justifying the continued existence of the hole on the grounds that the u area is the "proper" place to put the FP registers. The only indication in the article to which I responded that Sean did not mean it as a justification was his quote marks around "proper". Sorry about the noise. -- Steve Nuchia South Coast Computing Services (713) 964-2462 "Innocence is a splendid thing, only it has the misfortune not to keep very well and to be easily misled." --- Immanuel Kant, Groundwork of the Metaphysic of Morals