SECURITY BUG IN INTERACTIVE UNIX SYSV386
James Howard
jrh at mustang.dell.com
Sat Feb 16 11:46:43 AEST 1991
In article <1991Feb15.035643.5542 at jwt.UUCP>, john at jwt.UUCP (John Temples) writes:
> In article <15126 at uudell.dell.com> jrh at mustang.dell.com (James Howard) writes:
> >I have tried the program posted earlier on both Dell
> >SVR3.2 (which is ISC 2.0.2 based) and Dell SVR4.0 (not in any way
> >related to ISC ;-) ). It core dumps faithfully on both.
>
> Based on what I've read here (not just in regards to the security
> hole), I'm starting to get the feeling that Dell is the only UNIX
> vendor that has its act together. I think I might just buy Dell's
> SVR4.0 even though upgrading my ESIX will probably be cheaper.
> --
> John W. Temples -- john at jwt.UUCP (uunet!jwt!john)
Let me attempt to correct an oversight in my original post. I tested the
posted source on a 3.2 machine running here internally, but it was a 486
machine, not a 386. It did not display the bug, but of course, it did
have the 486 internal equivalent of a 387, which might have affected the
test. To be sure, I later tried it on several 386 systems without a
mathco, and it still did not display the bug. I should have been more
careful before posting that it did not occur, although it turned out to
be true anyway.
It has been posted elsewhere in this thread that AT&T 3.2.1 does not
have this bug. Dell UNIX 1.1 (which is generally described as based on
ISC 2.0.2 sources) was a merge of ISC, AT&T 3.2.1, and Dell 1.0 code
bases. The likely explanation for why Dell does not display a bug
in a UNIX release based on ISC source is that ISC did not merge in all
of the AT&T fixes for 3.2.1; pure supposition on my part, however.
So, now for the facts, right? The following machine configurations were
tested, and did not display the bug. The test was done by compiling the
source as posted here on USENET.
System        CPU / MathCo      OS / Release
-------------------------------------------------------
Dell 325      386 / NONE        Dell SVR3.2 / 1.1
Dell 325      386 / 387         Dell SVR3.2 / 1.1
Dell 425E     486 / Builtin     Dell SVR3.2 / 1.1
Dell 325P     386 / 387         Dell SVR4.0 / 2.0
Dell 325P     386 / NONE        Dell SVR4.0 / 2.0
Dell 325      386 / NONE        Dell SVR4.0 / 2.0
Dell 425TE    486 / Builtin     Dell SVR4.0 / 2.0
I believe this covers the cases where it might be a problem, as well
as a fairly wide range of hardware. If a Dell customer has the bug,
it might be with Dell UNIX 1.0, which did not have the 3.2.1 fixes
applied. Such a customer should contact Dell Technical Support or send
mail to support at dell.dell.com (or support at uudell.dell.com) to inquire as
to a bug fix. I did not test Dell UNIX 1.0, because I could not locate
a system in house running the older version software. I would very much
like to hear from anyone with Dell UNIX that is experiencing the bug
described above.
James Howard      Dell Computer Corp.      !'s:uunet!dell!mustang!jrh
(512) 343-3480    9505 Arboretum Blvd      @'s:jrh at mustang.dell.com
                  Austin, TX 78759-7299