Xref: utzoo news.sysadmin:1779 comp.unix.wizards:13099
Path: utzoo!utgpu!watmath!clyde!att!rutgers!mailrus!ames!haven!decuac!hadron!jsdy
From: jsdy@hadron.UUCP (Joseph S. D. Yao)
Newsgroups: news.sysadmin,comp.unix.wizards
Subject: Re: Trojan horse possible with news readers
Summary: One fix ...
Message-ID: <817@hadron.UUCP>
Date: 2 Dec 88 16:38:05 GMT
References: <6775@rosevax.Rosemount.COM>
Reply-To: jsdy@hadron.UUCP (Joseph S. D. Yao)
Organization: Hadron, Inc., Fairfax, VA
Lines: 21

In article <6775@rosevax.Rosemount.COM> merlyn@ernie.rosemount.com writes:
>			   ... some versions of vi will execute
>commands if it sees a line (near the top or bottom of a file)
>of the form <e><x><:><command><:>

System V Release 3 has a "modelines" attribute, which defaults to
"nomodelines".  This is a Very Good Idea (defaulting to off).

I have added other necessary fixes.  The check is, roughly, to find
the first ':' and then check for the previous two characters' match
with "ex" or "vi".  The necessary fixes are:
	(1) Check that the ':' is not one of the first two
	    characters, otherwise you will be checking against
	    non-existent characters on that line.
	(2) Check that either the ':' is exactly the third
	    character on the line, or that the third character
	    back isspace().  Otherwise, lines like:
levi:PASSWORD DELETED:Dolly Levi of Upstate NY:/usr/levi:/match
	    will trigger the "feature".

	Joe Yao			uunet!hadron!jsdy