Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!mips!dimacs.rutgers.edu!rutgers!cmcl2!kramden.acf.nyu.edu!brnstnd
From: brnstnd@kramden.acf.nyu.edu (Dan Bernstein)
Newsgroups: comp.unix.wizards
Subject: Re: tty security problems under SunOS 4.1 and SunOS 4.1.1
Message-ID: <7491:May1502:05:3291@kramden.acf.nyu.edu>
Date: 15 May 91 02:05:32 GMT
References: <25239:May1416:21:3591@kramden.acf.nyu.edu> <16155@smoke.brl.mil>
Organization: IR
Lines: 32

In article <16155@smoke.brl.mil> gwyn@smoke.brl.mil (Doug Gwyn) writes:
> In article <25239:May1416:21:3591@kramden.acf.nyu.edu> brnstnd@kramden.acf.nyu.edu (Dan Bernstein) writes:
> >In the long term: SunOS is still insecure, and a sufficiently dedicated
> >cracker can and will be able to get past tty security no matter how many
> >other holes you close. It is inexcusable for Sun to leave this open.
> Why?  Has Sun made any promises about absolute security of SunOS?
> For example, are they claiming B2 certification for it?

Well, they do have an option which, they claim, provides C2 security.
But I was thinking more on ethical grounds.

> I've always had the impression that UNIX was intended for resource
> sharing much more than for resource hiding, and that the security
> mechanisms were meant to prevent accidental problems, not dedicated
> attacks.

Perhaps you didn't notice the complaint just a few weeks back about how
somebody was getting output from someone else's background process under
SunOS 4.0. That sounds like a problem to me. And the commercial world
(not to mention universities) has to pay attention to dedicated attacks.

> I guarantee that there are other security problems on most versions
> of UNIX besides the one you've been carrying on about.  What makes
> that one problem so much more significant than the others?

The bugs I've pointed out are on practically every BSD-derived UNIX
system, meaning practically every UNIX machine on the Internet. The
smaller set of bugs pointed out by Bellovin are on AT&T-derived UNIX
systems too. Very few such dangerous holes have survived so long on so
many machines.

---Dan