BSD tty security, part 3: How to Fix It

John 'tms' Navarra navarra at casbah.acns.nwu.edu
Mon Apr 29 12:31:36 AEST 1991 

In article <15896:Apr2714:35:3991 at kramden.acf.nyu.edu> brnstnd at kramden.acf.nyu.edu (Dan Bernstein) writes:
>(Note that the changes to ``write'' being discussed here are entirely
>optional suggestions; only steps 1-12 are necessary to fix the basic
>problems.)
>
>
>Well, I'm glad you agree with two of them, but I'd like to ask the net's
>opinion on the other two. Let me split this into three questions:
>
>1. Do people think it's a problem that lines from ``write'' are not
>identified? If nothing else, I like the ability to carry on two or three
>write conversations at once without getting totally confused. If others
>don't like this, though, then I'll stop pushing for it.

     I don't really have a problem with this. But I suppose it is no 
 big deal to include a username: message 
 at the begining of each line.                                       
 As far as making write multi-user -- THAT would be useful and then you
 would need this utility to identify users. I guess you are pretty much
 writing a local irc?

>
>2. Do people think it's a problem that someone can start a ``write'',
>then just type EOF or EOT to simulate ending it, then continue typing
>without identification? While most experienced users will guess exactly
>what's going on, novice users are really up the creek. Does anyone agree
>with Jef that it's ``disgusting'' to see
>
>	Message from operator at kramden on ttyp7 at 10:24 ...
>	operator: this is where the text goes
>	operator: and so on
>	End of message from operator at kramden on ttyp7 at 10:25
>
>instead of
>
>	Message from operator at kramden on ttyp7 at 10:24 ...
>	this is where the text goes
>	and so on
>	EOF

      Again, this is an EASY thing to do. You could do some checking to see
 if the string eof (EOF) is passed and then exit automatically and in 
 addition, print out the username of the person sending the message at the 
 end of the session. 
>
>Maybe I'm biased from my RELAY days, but I really find the first format
>more informative.
>
>3. Do people think it's a problem that ``write'' can flood a terminal
>with output before the recipient has a chance to react? My version
>limits output to 500 characters per line and one line a second. Does
>anyone think that this affects legitimate uses of ``write''? If not, is
>there any harm in adding the protection against accidents and abuse?

 Another good point. I once (along with a friend of mine) just swamped our
 super users terminal whenever he logged in. Write should have some limit
 to the number of characters it sends at a time. Or perhaps a better way
 to deal with large amounts of characters being transferred at one time --
 like if a char/min ratio was too big, write would pause a coupla seconds
 to accept a kill signal from the receiver. 
>
>---Dan



         Good luck with your program.

-- 
>From the Lab of the MaD ScIenTiST:
      
navarra at casbah.acns.nwu.edu

More information about the Comp.unix.wizards mailing list