SECURITY BUG IN INTERACTIVE UNIX SYSV386
Joern Lubkoll
lumpi at dobag.in-berlin.de
Wed Feb 13 09:51:11 AEST 1991
sef at kithrup.COM (Sean Eric Fagan) writes:
>In article <1991Feb11.184130.11321 at jwt.UUCP> john at jwt.UUCP (John Temples) writes:
>>Yikes. This also works on ESIX-D without a coprocessor, and on ISC 2.0.2
>>*with* a coprocessor. It failed on Microport 2.2 with a coprocessor.
>>Now, the question is, what do we do to protect ourselves in the meantime?
>Get SCO. It does not have this "feature," and still manages to support
>Weitek coprocessors (the coprocessor the original poster was referring to, I
>believe). (The Weitek's use memory for registers and, obviously, need to be
>able to write them. The weitek registers are stuck in the upage, and
>happen, in apparantly every 3.2 save SCO's, to be in the same page as the
>uid stuff. *Bad*. *Very* bad.)
The problem in interactive is not weitek dependend, it is a problem with
the coprocessor emulator, if there is no coprocessor present !
I never tried toete.c having a weitek coprocessor, due to dobag being
an 486 without an weitek.
I would be interested in any note about it.
mfg. JL
--
lumpi at dobag.in-berlin.de -- "Nothing is the complete absence of everything."
More information about the Comp.unix.sysv386
mailing list