SECURITY BUG IN INTERACTIVE UNIX SYSV386
Joern Lubkoll
lumpi at dobag.in-berlin.de
Tue Feb 12 22:15:15 AEST 1991
john at jwt.UUCP (John Temples) writes:
>In article <KR3NBQQ at dobag.in-berlin.de> lumpi at dobag.in-berlin.de (Joern Lubkoll) writes:
>>it seems that your very cute interactive unix System has a nice bug !
>Yikes. This also works on ESIX-D without a coprocessor, and on ISC 2.0.2
>*with* a coprocessor. It failed on Microport 2.2 with a coprocessor.
It even works on 2.2 with a coprocessor ! You have to set the Kernel
Tuneable Parameters UAREAUS and UAREARW to 0 to protect you u-block !
If Esix dows have such parameters, please try them and report me the
experiences.
2.02 is unprotectable ! a 2.2 System without a co-cpu is also unprotect-
able !
>Now, the question is, what do we do to protect ourselves in the meantime?
That is the problem which made me think half a year before posting it !
The time until the bug-fix arrives will be short I hope, or Interactive
has a problem !
jl
--
lumpi at dobag.in-berlin.de -- "Nothing is the complete absence of everything."
More information about the Comp.unix.sysv386
mailing list