31 May
2014
31 May
'14
11:24 p.m.
Ken and Dennis and the other guys behind
the earliest UNIX code were smart guys and good programmers,
but they were far from perfect; and back in those days we
were all a lot sloppier.
The observation that exploits may be able to parlay
mundane bugs into security holes was not a commonplace
back then--even in the Unix room. So input buffers were
often made "bigger than ever will be needed" and left
that way on the understanding that crashes are tolerable
on outlandish data. In an idle moment one day, Dennis fed
a huge line of input to most everything in /bin. To the
surprise of nobody, including Dennis, lots of programs
crashed. We WERE surprised a few years later, when a journal
published this fact as a research result. Does anybody
remember who published that deep new insight and/or where?
Doug
1 Jun
1 Jun
12:17 a.m.
New subject: Bugs in V6 'dcheck'
At 7:24 ?pm -0400 2014/05/31, Doug McIlroy wrote:
Does anybody
remember who published that deep new insight and/or where?
Probably this:
B.P. Miller, L. Fredriksen, So, B. "An Empirical Study of the Reliability
of UNIX Utilities", Communications of the ACM 33, 12 (December 1990)
--
Kevin Schoedel <schoedel(a)kw.igs.net> VA3TCS
10:54 p.m.
New subject: Bugs in V6 'dcheck'
Doug is quite right that we were much more relaxed about security then.
THe academic world was very much inspired at the time by the idea that one
could prove programs correct using mathematics. I remember having some
very spirited arguments on this topic with some academics. My argument
was roughly "Proving programs is stupid. Look at Unix. It's insanely
useful, but most programs can't be proved correct because they aren't!".
Buffer overflow was one of the bugs I had in mind. It was embarrassing in
later years to read about all the hackers exploiting these bugs.
In our defence, with only <= 64KB for programs and data and the slow
machines of the day, dynamic allocation and subscript checking were often
impractical...
Steve
At 7:24 ?pm -0400 2014/05/31, Doug McIlroy wrote:
Does anybody
remember who published that deep new insight and/or where?
Probably this:
B.P. Miller, L. Fredriksen, So, B. "An Empirical Study of the Reliability
of UNIX Utilities", Communications of the ACM 33, 12 (December 1990)
--
Kevin Schoedel <schoedel(a)kw.igs.net> VA3TCS
_______________________________________________
TUHS mailing list
TUHS(a)minnie.tuhs.org
https://minnie.tuhs.org/mailman/listinfo/tuhs
11:48 p.m.
New subject: Bugs in V6 'dcheck'
On May 31, 2014 6:25 PM, "Doug McIlroy" <doug(a)cs.dartmouth.edu> wrote:
yeah, that's not really sporting. I've always wondered about something
else, though: Were the original Unix authors annoyed when they learned that
some irascible young upstart named Richard Stallman was determined to make
a free Unix clone? Was he a gadfly, or just some kook you decided to
ignore? The fathers of Unix have been strangely silent on this topic for
many years. Maybe nobody's ever asked?
Ken and Dennis and the other guys behind
the earliest UNIX code were smart guys and good programmers,
but they were far from perfect; and back in those days we
were all a lot sloppier.
The observation that exploits may be able to parlay
mundane bugs into security holes was not a commonplace
back then--even in the Unix room. So input buffers were
often made "bigger than ever will be needed" and left
that way on the understanding that crashes are tolerable
on outlandish data. In an idle moment one day, Dennis fed
a huge line of input to most everything in /bin. To the
surprise of nobody, including Dennis, lots of programs
crashed. We WERE surprised a few years later, when a journal
published this fact as a research result. Does anybody
remember who published that deep new insight and/or where?
Doug 
2 Jun
2 Jun
1:11 a.m.
New subject: Bugs in V6 'dcheck'
Some UPSTART named RMS in his whole odipherous spledor couldn't even spell LINUX.
If you read his earlier manifesto rants he hated UNIX with a passion.
Holding out the TOPS operating systems as the be-all and end-all of user interface.
Despite his disingenous propaganda, he didn't invent LINUX (or any other UNIX
clone).
RMS didn't even enter onto the UNIX scene until after he had been burned by
LMI/Symbolics/MIT over contributions he made to the Lisp Machine that he assumed would
always be freely available. I was a rather late comer to UNIX, having not started on
it until 1977, RMS wasn't anywhere around until over a decade later.
I was happy that Ken and Dennis and the folks were coming up with the design pattern and
not worrying about every single bug in the system. This was RESEARCH. Those of us in
the direct trenches at the places that got UNIX under the "scrap metal"
provisions got to make our own contribution by increasing robustness and performance as
well as extended the underlying paradigm.
yeah, that's not really sporting. I've
always wondered about something else, though: Were the original Unix authors annoyed when
they learned that some irascible young upstart named Richard Stallman was determined to
make a free Unix clone? Was he a gadfly, or just some kook you decided to ignore? The
fathers of Unix have been strangely silent on this topic for many years. Maybe
nobody's ever asked?
_______________________________________________
TUHS mailing list
TUHS(a)minnie.tuhs.org
https://minnie.tuhs.org/mailman/listinfo/tuhs
2:10 a.m.
New subject: Bugs in V6 'dcheck'
On Jun 1, 2014 8:11 PM, "Ronald Natalie" <ron(a)ronnatalie.com> wrote:
Some UPSTART named RMS in his whole odipherous spledor couldn't even
spell
LINUX.
This I've always found ironic, that he's sore because people call the os
linux and don't give gnu credit, when gnu itself was simply a unix ripoff.
Trying to empathize with the creators of unix, I think I would've felt like
someone was stealing things I'd worked hard to produce. But I don't know.
Like you said, he wrote manifestos and rants, so I might just as well have
dismissed him as a nut. You could also take the magnanimous view that he
was actually helping spread your ideas, albeit while putting his own
political spin on things. I'm sorry, I wasn't trying to troll or start a
flame war. RMS is something of an enigma to me.
<snip>
RMS didn't even enter onto the UNIX scene until
after he had been burned
by LMI/Symbolics/MIT over contributions he made to the Lisp
Machine that he
assumed would always be freely available. I was a rather late comer to
UNIX, having not started on it until 1977, RMS wasn't anywhere around
until over a decade later.
I think he likes to throw 1984 around as the year he wrote the 'gnu
manifesto'.
I was happy that Ken and Dennis and the folks were
coming up with the
design pattern and not worrying about every single bug in the
system.
This was RESEARCH. Those of us in the direct trenches at the places
that got UNIX under the "scrap metal" provisions got to make our own
contribution by increasing robustness and performance as well as extended
the underlying paradigm.
And it's a beautiful design that has adapted remarkably well to new
technologies for decades.
3 Jun
3 Jun
4:38 p.m.
New subject: Bugs in V6 'dcheck'
Doug McIlroy <doug(a)cs.dartmouth.edu> wrote on Sat, 31 May 2014
19:24:57 -0400:
> ...
> In an idle moment one day, Dennis fed a huge line of input to most
> everything in /bin. To the surprise of nobody, including Dennis, lots
> of programs crashed. We WERE surprised a few years later, when a
> journal published this fact as a research result. Does anybody
> remember who published that deep new insight and/or where?
> ...
I suspect that two relevant papers that Doug is recalling are these (I
routinely use their fuzz-test code on my own software):
@String{j-CACM = "Communications of the ACM"}
@Article{Miller:1990:ESR,
author = "Barton P. Miller and Lars Fredriksen and Bryan So",
title = "An empirical study of the reliability of {UNIX}
utilities",
journal = j-CACM,
volume = "33",
number = "12",
pages = "32--44",
month = dec,
year = "1990",
CODEN = "CACMA2",
ISSN = "0001-0782 (print), 1557-7317 (electronic)",
ISSN-L = "0001-0782",
bibdate = "Wed Sep 25 09:24:48 2002",
bibsource = "ftp://ftp.ira.uka.de/pub/bibliography/Misc/IMMD_IV.bib;
http://www.acm.org/pubs/toc/;
http://www.math.utah.edu/pub/tex/bib/cacm1990.bib"quot;,
note = "This is a fascinating paper on what happens when
random input streams are fed into important UNIX
utilities on several commercial UNIX systems. In some
cases, the tests were able to crash the entire
operating system. In 1995, a (sadly, unpublished)
followup study showed that many of the failures
diagnosed in 1990 still had not been repaired in the
commercial systems, and that the GNU implementations
were generally more robust. Both 1990 and 1995 papers,
and the fuzz-generating software, are available at the
authors' FTP site at
\path|ftp://grilled.cs.wisc.edu/technical_papers/fuzz.ps|
and
\path|ftp://grilled.cs.wisc.edu/technical_papers/fuzz-revisited.ps|.",
URL = "ftp://grilled.cs.wisc.edu/technical_papers/fuzz-revisited.ps;
ftp://grilled.cs.wisc.edu/technical_papers/fuzz.ps;
http://www.acm.org/pubs/toc/Abstracts/0001-0782/96279.html"quot;,
acknowledgement = ack-nhfb,
journal-URL = "http://portal.acm.org/browse_dl.cfm?idx=J79",
keywords = "design; reliability; security",
note2 = "[25-Sep-2002]: The fuzz software archive has been
moved to
\path|ftp://ftp.cs.wisc.edu/pub/paradyn/fuzz/|, and the
technical reports to
\path|ftp://ftp.cs.wisc.edu/pub/paradyn/technical_papers/fuzz*|.",
subject = "{\bf D.4.5}: Software, OPERATING SYSTEMS, Reliability.
{\bf D.4.0}: Software, OPERATING SYSTEMS, General,
UNIX. {\bf D.4.9}: Software, OPERATING SYSTEMS, Systems
Programs and Utilities. {\bf D.2.5}: Software, SOFTWARE
ENGINEERING, Testing and Debugging.",
}
@String{j-OPER-SYS-REV = "Operating Systems Review"}
@Article{Miller:2007:ESR,
author = "Barton P. Miller and Gregory Cooksey and Fredrick
Moore",
title = "An empirical study of the robustness of {MacOS}
applications using random testing",
journal = j-OPER-SYS-REV,
volume = "41",
number = "1",
pages = "78--86",
month = jan,
year = "2007",
CODEN = "OSRED8",
DOI = "http://doi.acm.org/10.1145/1228291.1228308",
ISSN = "0163-5980 (print), 1943-586X (electronic)",
ISSN-L = "0163-5980",
bibdate = "Fri Jun 20 17:15:27 MDT 2008",
bibsource = "http://portal.acm.org/;
http://www.math.utah.edu/pub/tex/bib/opersysrev.bib"quot;,
abstract = "We report on the fourth in a series of studies on the
reliability of application programs in the face of
random input. Over the previous 15 years, we have
studied the reliability of UNIX command line and
X-Window based (GUI) applications and Windows
applications. In this study, we apply our fuzz testing
techniques to applications running on the Mac OS X
operating system. We continue to use a simple, or even
simplistic technique: unstructured black-box random
testing, considering a failure to be a crash or hang.
As in the previous three studies, the technique is
crude but seems to be effective in locating bugs in
real programs. We tested the reliability of 135
command-line UNIX utilities and thirty graphical
applications on Mac OS X by feeding random input to
each. We report on application failures --- crashes
(dumps core) or hangs (loops indefinitely) --- and, where
source code is available, we identify the causes of
these failures and categorize them. Our testing crashed
only 7\% of the command-line utilities, a considerably
lower rate of failure than observed in almost all cases
of previous studies. We found the GUI-based
applications to be less reliable: of the thirty that we
tested, only eight did not crash or hang. Twenty others
crashed, and two hung. These GUI results were
noticeably worse than either of the previous Windows
(Win32) or UNIX (X-Windows) studies.",
acknowledgement = ack-nhfb,
fjournal = "ACM SIGOPS Operating Systems Review",
journal-URL = "http://portal.acm.org/browse_dl.cfm?idx=J597",
keywords = "fuzz; random testing",
}
-------------------------------------------------------------------------------
- Nelson H. F. Beebe Tel: +1 801 581 5254 -
- University of Utah FAX: +1 801 581 4148 -
- Department of Mathematics, 110 LCB Internet e-mail: beebe(a)math.utah.edu -
- 155 S 1400 E RM 233 beebe(a)acm.org beebe(a)computer.org -
- Salt Lake City, UT 84112-0090, USA URL: http://www.math.utah.edu/~beebe/ -
-------------------------------------------------------------------------------
3617
days inactive
3620
days old
6 comments
6 participants
participants (6)
-
A. P. Garcia -
Doug McIlroy -
Kevin Schoedel -
Nelson H. F. Beebe -
Ronald Natalie -
scj@yaccman.com