[823] in linux-security and linux-alert archive


Re: [linux-security] Talk security?

daemon@ATHENA.MIT.EDU (Sameer R Manek)
Wed Jun 19 14:43:49 1996

Date: Mon, 17 Jun 1996 01:12:28 -0700 (PDT)
From: Sameer R Manek <manek@challenger.atc.fhda.edu>
To: Justin Dobbs <jrd@Max.stark.k12.oh.us>
cc: linux-security@tarsier.cv.nrao.edu
In-Reply-To: <XFMail.960612220246.jrd@Max.stark.k12.oh.us>

On Wed, 12 Jun 1996, Justin Dobbs wrote:

> Hello,
> 
> Are there any security holes associated with making the talk
> program the shell of a potentially public account?  The
> shell would be /usr/bin/talk <user>, with /usr/bin/talk
> listed in the /etc/shells file.  Is there a potential for
> environment-style breakins?
> 
> TIA,
> 
> Justin Dobbs <jrd@Max.stark.k12.oh.us>
> 
It totally depends on which talk client you use,
especially if you use ytalk, which lets you have shell access.
Of course you couldn't really have /usr/bin/talk as a shell,
since talk needs an argument.

Having an account that is hard-coded to only do talk requests to
one account is kind of restrictive, unless this is the intent
(maybe like a help/guest/internet demo account). A better
way to do this would be to have /bin/homebrew.sh be the script.

This script would first ask the user what address they
would like to send a talk request to. Use a C program
instead of the shell read command, because they could
say they want to talk to evil@hacker.edu;ls;
Naturally, writing your own shell opens up another can
of worms.

Good luck
--
Sameer Manek                manek@challenger.atc.fhda.edu
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
The gates in my computer are AND, OR and NOT, not bill.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
I will willingly give my private key to the CIA the same day
Bill Clinton gives me the keys to the White House.
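
A sketch of the C wrapper suggested in the reply above, added here as an example and not code from the original post: it allow-lists the address and runs talk directly with a fixed environment, so input such as evil@hacker.edu;ls; is rejected and never reaches a shell. The names valid_talk_target and MAX_TARGET, the length limit, and the PATH/TERM values are assumptions.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>

#define TALK_PATH "/usr/bin/talk"   /* path taken from the question */
#define MAX_TARGET 128              /* assumed length limit */

/* Accept only user or user@host built from [A-Za-z0-9._-]: no shell
 * metacharacters, no leading '-' (option), no empty part, at most one '@'. */
int valid_talk_target(const char *s)
{
    static const char ok[] =
        "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789._-";
    size_t len = strlen(s), i, part = 0;
    int ats = 0;
    if (len == 0 || len >= MAX_TARGET || s[0] == '-')
        return 0;
    for (i = 0; i < len; i++) {
        if (s[i] == '@') {
            if (part == 0 || ++ats > 1)
                return 0;
            part = 0;                    /* start counting the host part */
        } else if (strchr(ok, s[i]) == NULL) {
            return 0;                    /* ';', '|', '`', '$', space, ... */
        } else {
            part++;
        }
    }
    return part > 0;                     /* rejects a trailing '@' */
}

int main(void)
{
    char buf[MAX_TARGET + 2];            /* over-long input fails the length check */
    char *args[] = { "talk", buf, NULL };
    char *envp[] = { "PATH=/usr/bin:/bin", "TERM=vt100", NULL }; /* assumed values; nothing inherited */
    fputs("Talk to (user or user@host): ", stdout);
    fflush(stdout);
    if (fgets(buf, sizeof buf, stdin) == NULL)
        return 1;
    buf[strcspn(buf, "\r\n")] = '\0';    /* strip the line ending */
    if (!valid_talk_target(buf)) {
        fputs("Invalid address.\n", stderr);
        return 1;
    }
    execve(TALK_PATH, args, envp);       /* direct exec: the address is one argv entry */
    perror("execve");
    return 1;
}
```

Which talk client sits at TALK_PATH still matters, as the reply notes: a client with its own shell access undoes the restriction.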
