Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!think!mit-eddie!genrad!decvax!wanginst!ulowell!page
From: page@ulowell.UUCP (Bob Page)
Newsgroups: net.unix,net.unix-wizards
Subject: Re: Slaying Gould dragon with a wooden horse
Message-ID: <705@ulowell.UUCP>
Date: Sat, 1-Nov-86 12:34:10 EST
Article-I.D.: ulowell.705
Posted: Sat Nov 1 12:34:10 1986
Date-Received: Tue, 4-Nov-86 00:46:34 EST
References: <161@unisec.UUCP> <694@ulowell.UUCP> <1056@ho95e.UUCP>
Reply-To: page@ulowell.UUCP (Bob Page)
Organization: University of Lowell
Lines: 21
Keywords: secure unix trojan horse gould
Xref: mnetor net.unix:6113 net.unix-wizards:8560

wcs@ho95e.UUCP (Bill Stewart) wrote in article <1056@ho95e.UUCP>:
> ... Most CRTs have a block-transfer mode that can be exploited
> by a letter-bomb.

Anybody who reads mail as root deserves to get a letter bomb!

You should forward root's mail to non-priv'd accounts, and keep
`mesg n' and `biff n' (a Berkeleyism) so people/daemons can't
write to root's terminal. You can hack su(1) to do this for you,
including catching the suspend/wakeup signals to restore biff/mesg
as you bounce in and out of `su' state.

Harder to deal with: If you log in as root on the console and somebody
sends a message via syslog(3). Anybody found a reasonable defense
against this, other than ``don't use block-mode terminals for consoles''
(an academic question, we don't anyway) or ``don't log in to the console''?

..Bob
--
UUCP: wanginst!ulowell!page    Bob Page, U of Lowell CS Dept
VOX:  +1 617 452 5000 x2976    Lowell MA 01854 USA
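
An added example, not part of the original post: a shell audit of the settings recommended above (root's mail forwarded, `mesg n', `biff n'). The function names are hypothetical; it assumes a sendmail-style aliases file and the BSD conventions that `mesg n' clears the tty's group/other write bits and `biff n' clears its owner-execute bit.

```shell
#!/bin/sh
# Added example (not from the post). Function names are hypothetical.

# Succeeds if the sendmail-style ALIASES_FILE sends root's mail to an
# account other than root.
root_mail_forwarded() {
    awk '
        /^[ \t]*#/ { next }                          # skip comment lines
        {
            line = $0
            if (tolower(line) !~ /^[ \t]*root[ \t]*:/) next
            sub(/^[^:]*:/, "", line)                 # keep the target list
            n = split(line, targets, ",")
            for (i = 1; i <= n; i++) {
                t = targets[i]; gsub(/[ \t]/, "", t)
                if (t != "" && tolower(t) != "root") found = 1
            }
        }
        END { exit(found ? 0 : 1) }
    ' "$1"
}

# Print the 10-character mode string of TTY_PATH, e.g. crw--w----.
tty_mode() { ls -ldL "$1" | cut -c1-10; }

# Succeeds if group or others may write to the tty (mesg n is not in effect).
tty_accepts_writes() {
    case "$(tty_mode "$1")" in
        ?????w????|????????w?) return 0 ;;
    esac
    return 1
}

# Succeeds if the owner-execute bit is set (assumed BSD convention: biff y).
tty_biff_enabled() {
    case "$(tty_mode "$1")" in
        ???x??????) return 0 ;;
    esac
    return 1
}

# Report every setting that differs from the post's advice; 0 means all good.
audit_root_session() {
    status=0
    root_mail_forwarded "$1" || { echo "root mail is not forwarded"; status=1; }
    if tty_accepts_writes "$2"; then echo "tty is writable: run mesg n"; status=1; fi
    if tty_biff_enabled "$2"; then echo "biff is on: run biff n"; status=1; fi
    return "$status"
}

# Usage: sh audit.sh /etc/aliases "$(tty)"
if [ "$#" -eq 2 ]; then audit_root_session "$1" "$2"; fi
```

This covers only the mail and terminal-write settings; it does not address the syslog(3)-to-console case raised at the end of the post.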