Dangers of vi & passwd (Was Re: SVR3 passwd changes mode of passwd file)

John Chambers jc at minya.UUCP
Tue Oct 11 09:17:20 AEST 1988


In article <195 at taux02.UUCP>, amos at taux02.UUCP (Amos Shapir) writes:
> In article <13215 at hqda-ai.ARPA> jay at hqda-ai.ARPA (Jay Heiser) writes:
> >CCI, our SysV vender, has just posted a bulletin warning that vi has
> >an undocumented feature.  "[it was] designed to look for the
> >occurrence of a line that starts with the string "ei:" and use the
> >characters following the ei: as editor commands.  This is NOT
> >documented."
> >
> >In other words, if someone on your system has a userid 'ei',
> >unexpected things will happen if you use vi to edit the password file.
> >The bulletin only warns about SysV versions of vi (specifically on
> >tahoes and Power 5/32s).

A couple years back, a general bulletin was broadcast warning people to
eradicate all versions of vi with this feature.  The above problem is a
minor problem compared to what could be done with it.  Consider the effect
of persuading a super-user to use vi to read a file that ended with lines like:
	vi:!rm -rf /*unix*
	vi:q!
There were several other amusing examples, such as invoking mail, changing
ownership of files in /etc, and so on, often ending with a command to delete
the vi: lines so the victim wouldn't see them.


-- 
John Chambers <{adelie,ima,maynard,mit-eddie}!minya!{jc,root}> (617/484-6393)

[Any errors in the above are due to failures in the logic of the keyboard,
not in the fingers that did the typing.]
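
An added example, not part of the original post: a Python check that can be run over a file before it is opened in a vi that has this feature, flagging lines that begin with the "vi:" and "ei:" prefixes named above. Scanning every line and allowing leading whitespace are assumptions made to err on the side of reporting; the sample inputs are constructed, except that the last two lines of SAMPLE_TEXT are the ones quoted in the post.

```python
import re
import sys

# Prefixes named in the post: "ei:" (CCI bulletin) and "vi:" (the example lines).
PREFIXES = ("vi", "ei")

# Assumption: optional leading blanks are tolerated and every line is checked,
# so the scan over-reports rather than misses an embedded command line.
EMBEDDED = re.compile(r"^[ \t]*(%s):(.*)$" % "|".join(PREFIXES))


def scan_lines(lines):
    """Return (line_number, prefix, command, shell_escape) for each hit.

    shell_escape is True when the text after the prefix starts with "!",
    the editor's shell-escape command. Other commands can also reach a
    shell, so a False value does not mean the line is harmless.
    """
    findings = []
    for number, raw in enumerate(lines, start=1):
        match = EMBEDDED.match(raw.rstrip("\r\n"))
        if match:
            command = match.group(2).strip()
            findings.append(
                (number, match.group(1), command, command.startswith("!"))
            )
    return findings


def scan_file(path):
    # latin-1 maps every byte to a character, so odd bytes never raise.
    with open(path, encoding="latin-1") as handle:
        return scan_lines(handle)


# Constructed password file with a userid "ei", as in the CCI bulletin.
SAMPLE_PASSWD = [
    "root:*:0:0:root:/:/bin/sh\n",
    "ei:*:105:20:constructed user:/usr/ei:/bin/sh\n",
]
# Constructed text file ending with the two lines quoted in the post.
SAMPLE_TEXT = ["Quarterly notes.\n", "vi:!rm -rf /*unix*\n", "vi:q!\n"]

if __name__ == "__main__":
    hits = []
    for path in sys.argv[1:]:
        for number, prefix, command, shell in scan_file(path):
            hits.append(path)
            flag = " [shell escape]" if shell else ""
            print("%s:%d: %s: %s%s" % (path, number, prefix, command, flag))
    sys.exit(1 if hits else 0)
```

Run it as a script with file names as arguments; it exits non-zero when any file contains a matching line.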


