[823] in linux-security and linux-alert archive
Re: [linux-security] Talk security?
daemon@ATHENA.MIT.EDU (Sameer R Manek)
Wed Jun 19 14:43:49 1996
Date: Mon, 17 Jun 1996 01:12:28 -0700 (PDT)
From: Sameer R Manek <manek@challenger.atc.fhda.edu>
To: Justin Dobbs <jrd@Max.stark.k12.oh.us>
cc: linux-security@tarsier.cv.nrao.edu
In-Reply-To: <XFMail.960612220246.jrd@Max.stark.k12.oh.us>
On Wed, 12 Jun 1996, Justin Dobbs wrote:
> Hello,
>
> Are there any security holes associated with making the talk
> program the shell of a potentially public account? The
> shell would be /usr/bin/talk <user>, with /usr/bin/talk
> listed in the /etc/shells file. Is there a potential for
> environment-style breakins?
>
> TIA,
>
> Justin Dobbs <jrd@Max.stark.k12.oh.us>
>
It totally depends on which talk client you use,
especially if you use ytalk, which lets you have shell access.
Of course you couldn't really have /usr/bin/talk as a shell,
since talk needs an argument.
Having an account that is hard-coded to only do talk requests to
one account is kind of restrictive, unless this is the intent
(maybe like a help/guest/internet demo account). A better
way to do this would be to have /bin/homebrew.sh be the script.
This script would first ask the user what address they
would like to send a talk request to; use a C program
instead of the shell read command, because they could
say they want to talk to evil@hacker.edu;ls;
Naturally, writing your own shell opens up another can
of worms.
Good luck
--
Sameer Manek manek@challenger.atc.fhda.edu
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
The gates in my computer are AND, OR and NOT, not bill.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
I will willingly give my private key to the CIA the same day
Bill Clinton gives me the keys to the White House.
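
An added example, not part of the original message or anyone's production code: a minimal sketch of the C wrapper the reply suggests, which prompts for a talk address, accepts only an allowlisted user or user@host form, and starts talk with execve() so that no shell ever parses the input. The function name, the length limit, the environment values and the character allowlist are assumptions; /usr/bin/talk is the path given in the thread.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#define TALK_PATH "/usr/bin/talk"  /* path from the thread */
#define MAX_ADDR  128              /* assumed length limit */

/* Return 1 only for "user" or "user@host" built from the allowlist below. */
int valid_talk_address(const char *s)
{
    static const char ok[] = "abcdefghijklmnopqrstuvwxyz"
                             "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789._-";
    size_t len = strlen(s), user, host;
    const char *at;

    if (len == 0 || len >= MAX_ADDR || s[0] == '-')
        return 0;                  /* empty, too long, or looks like an option */
    user = strspn(s, ok);
    if (user == 0)
        return 0;
    if (s[user] == '\0')
        return 1;                  /* local user name */
    if (s[user] != '@')
        return 0;                  /* ';', space, '|', '`' and so on end here */
    at = s + user + 1;
    host = strspn(at, ok);
    return host > 0 && at[host] == '\0' && at[0] != '-' && at[0] != '.';
}

int main(void)
{
    char addr[MAX_ADDR + 2];
    /* Fixed, minimal environment (assumed values); nothing is inherited. */
    char *envp[] = { "PATH=/usr/bin:/bin", "TERM=vt100", NULL };

    fputs("Talk to (user or user@host): ", stdout);
    fflush(stdout);
    if (!fgets(addr, sizeof addr, stdin))
        return 1;
    addr[strcspn(addr, "\r\n")] = '\0';
    if (!valid_talk_address(addr)) {
        fputs("Invalid address.\n", stderr);
        return 1;
    }
    /* The address is passed as one argv entry; no shell interprets it. */
    char *argv[] = { "talk", addr, NULL };
    execve(TALK_PATH, argv, envp);
    perror("execve");              /* reached only if exec failed */
    return 1;
}
```

The wrapper only controls how talk is started; a talk client with its own shell access, as the reply notes for ytalk, is outside what this check covers.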