Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!watmath!clyde!rutgers!husc6!talcott!maynard!campbell
From: campbell@maynard.UUCP (Larry Campbell)
Newsgroups: net.unix
Subject: Re: Slaying Gould dragon with a wooden
Message-ID: <408@maynard.UUCP>
Date: Fri, 7-Nov-86 07:37:04 EST
Article-I.D.: maynard.408
Posted: Fri Nov  7 07:37:04 1986
Date-Received: Sat, 8-Nov-86 04:54:34 EST
References: <161@unisec.UUCP> <3800016@snail> <2481@phri.UUCP>
Reply-To: campbell@maynard.UUCP (Larry Campbell)
Organization: The Boston Software Works Inc., Maynard, MA
Lines: 17
Summary: why block-mode terminals can be security bugs

In article <2481@phri.UUCP> roy@phri.UUCP (Roy Smith) writes:
>
>	Maybe I'm missing something obvious, but why are block-mode
>terminals a security problem?

They're not all security holes, but the ones that have the following
pair of escape-sequence driven commands are:

    1.	"Put the following string in your buffer." (say, "rm -rf *")

    2.	"Send the buffer to the host."

On such a terminal, one cute mail message can ruin your whole day.  :-)
-- 
Larry Campbell       MCI: LCAMPBELL          The Boston Software Works, Inc.
UUCP: {alliant,wjh12}!maynard!campbell      120 Fulton Street, Boston MA 02109
ARPA: campbell%maynard.uucp@harvisr.harvard.edu     (617) 367-6846