Sam Trenholme's webpage
This article was posted to the Usenet group alt.hackers in 1995; any technical information is probably outdated.

Re: Serious Linux DOSEMU security hole


Article: 8413 of alt.hackers
From: js@wolfe.net (Jay W. Summet)
Newsgroups: alt.hackers
Subject: Re: Serious Linux DOSEMU security hole
Date: 8 Aug 1995 15:25:04 GMT
Organization: WolfeNet L.L.C.
Lines: 46
Approved: js@wolfe.net
Message-ID: jswolfenews0245@wolfe.net
Reply-To: js@wolfe.net
NNTP-Posting-Host: gonzo.wolfe.net
Keywords: Linux, DOSEMU, security hole
Status: RO

>There is a SERIOUS security hole in Linux DOSEMU!

>Even with the administrator turning off all port access, users can
>ACCESS ANY PORT THEY WANT! READ/WRITE! Thus can hose things, reboot,
>etc.
>
>Here's how:
>
>mov ax, 3
>mov bx, start_port
>mov cx, number_of_ports
>set carry to get access, clear to reliquish access
>int 0xe6
>
>and there appears to be no way to disable it.
>
>I am posting more detailed info in comp.os.linux.development.system
>
>This one seems worse than the rcently mentioned chfn hole.
>
>ObHack: Finding this security hole when idly perusing the DOSEMU source!

	That's not a security hole, it's a feature! You know that it is a
feature because of the fact that it is just an operating system