Trojan horse possible with news readers
Badri Lokanathan
badri at valhalla.ee.rochester.edu
Sat Dec 3 08:11:01 AEST 1988
In article <1261 at vsi1.UUCP>, lmb at vsi1.UUCP (Larry Blair) writes:
> I don't believe that those braindamaged versions of vi will execute:
>
> > ex:!sh -c 'echo any command'>/tmp/NEWSBUG:
Yes it will (at least the version of ex documented in the Mt. Xinu
user docs,) since the caveats are
(0) modeline must be set
(1) The line should appear in the first or last 5 lines
(2) The string ex: or vi: preceeded by a tab or a space may be
anywhere in the line and anything after the : is
interpreted as editor commands.
The only safeguard is to disable modeline.
--
"We will fight for the right to be free {) badri at ee.rochester.edu
We will build our own society //\\ {ames,cmcl2,columbia,cornell,
And we will sing, we will sing ///\\\ garp,harvard,ll-xn,rutgers}!
We will sing our own song." -UB40 _||_ rochester!ur-valhalla!badri
More information about the Comp.unix.wizards
mailing list