Trojan horse possible with news readers
Guy Harris
guy at auspex.UUCP
Sat Dec 3 04:26:23 AEST 1988
>The default editor is usually vi; some versions of vi will execute
>commands if it sees a line (near the top or bottom of a file)
>of the form <e><x><:><command><:>
Note that some versions of "ex"/"vi" can be told to ignore mode lines,
and both the 4.3BSD and S5R3 version appear to turn them off by default.
Any user who has turned them *on* (by saying "set modeline" in the
4.3BSD version, or "set modelines" in the S5R3 version), is vulnerable.
Note also that it will also accept lines of the form "vi:<command>:",
and some earlier versions also accept "ei" or "vx".
More information about the Comp.unix.wizards
mailing list