Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!wuarchive!ukma!psuvax1!hsdndev!cmcl2!kramden.acf.nyu.edu!brnstnd
From: brnstnd@kramden.acf.nyu.edu (Dan Bernstein)
Newsgroups: comp.unix.wizards
Subject: Re: A partial user-mode tty security fix for SunOS, Ultrix, et al.
Message-ID: <9657.Jun1316.43.1691@kramden.acf.nyu.edu>
Date: 13 Jun 91 16:43:16 GMT
References: <1991Jun13.072348.14232@jyu.fi>
Organization: IR
Lines: 21

In the referenced article, Jussi Eloranta presents a patch to telnetd
meant to stop tty problems under SunOS 4.1.1. Unfortunately, the patch
doesn't accomplish any more than Sun's patch as announced a while back
by CERT. Neither patch stops my SunOS 4.1.1 test code, and I don't think
it's safe to believe that either patch will stop the Dutch hackers for
long.

> Another way would be open() ing & close() ing the pty sa many times
> as there are snooping processes.

This doesn't solve anything either.

> BTW the snooping stuff doesn't seem to work too well with rlogin ...
> I assume rlogind is doing some open() & close() ing on the pty ?

My best guess as to what Jussi means here: ``The Dutch break code, as
posted to a few newsgroups recently, does not work with SunOS 4.1.1
rlogin.'' This is because the SunOS 4.1.1 rlogind already had Sun's
patch installed.

---Dan