Xref: utzoo comp.unix.wizards:25461 alt.security:2486 Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!dali.cs.montana.edu!caen!uwm.edu!linac!att!cbnewsh!wcs From: wcs@cbnewsh.att.com (Bill Stewart 908-949-0705 erebus.att.com!wcs) Newsgroups: comp.unix.wizards,alt.security Subject: Re: BSD tty security, part 3: How to Fix It Message-ID: <1991May8.050005.26963@cbnewsh.att.com> Date: 8 May 91 05:00:05 GMT References: <12535@dog.ee.lbl.gov> <15896: Apr2714:35:3991@kramden.acf.nyu.edu> Organization: Sorcerer's Apprentice Cleaning Services Lines: 39 In article kre@cs.mu.oz.au (Robert Elz) writes: ]The real problem is that the whole model used by "write" is simply ]wrong - sure its simple, and in a sense, elegant, but its simply ]not the way that things should be done. ]The whole concept of some other random process, owned by some other ]random user, being able to open a direct channel onto my terminal, ..... ]This is all absurd - clearly the intelligent way to run things is for ]messages that come from another user to be displayed the way I want them I disagree - you have to remember what "write" is supposed to be for: * "mail" is for sending people messgaes with potentially structured content that they can read with their favorite interface program when they want. For people who want to know right away if they have mail, you can use a window-thingie or have biff bark at you when mail arrives, or whatever you want. * "talk" is for coordinated real-time conversations between people, but by definition is a cooperative activity - you have to write to somebody using THEIR program, whether it's sockets-based, fifo-based, file-based, or whatever. * "write" is for rudely interrupting people who haven't pre-arranged some kind of talk program. The standard write programs let you prevent people (other than root) from interrupting you if you want. It also works as a crude "talk". The main problem with write is that it doesn't work well if you're not using a standard tty-like terminal session. But in that case, you can use 'mesg n', and use your favorite mail-notifier to let you know when you have mail, or advertise your favorite 'talk' program for people to call you with. If people still want to rudely interrupt you, they can use 'finger' to find your telephone number. The other aspect to this problem is that sometimes root really does need to interrupt you, and that can easily get lost in a window system or an editing or graphics session. Any suggestions here? -- Pray for peace; Bill # Bill Stewart 908-949-0705 erebus.att.com!wcs AT&T Bell Labs 4M-312 Holmdel NJ # I never wanted to be a hacker! I wanted to be --- a lumberjack!