Defect Report concerning: IEEE Std. 1003.2-1992, ISO/IEC 9945-2:1993 - Shell & Utilities
Clause: 5.37.2
PASC Interpretation Ref: pasc-1003.2-26
Topic: write

This is an unapproved interpretation of PASC 1003.2-1992, ISO/IEC 9945-2:1993 - Shell & Utilities.

Use of the information contained in this unapproved document is at your own risk.

Last update: 20 April,2001 

								1003.2-92  #26

	Class: Defect situation

The standards states what it states, and conforming implementations
must conform to this. However, concerns have been raised about this
which are being referred to the Sponsors of the standard for consideration as
a future amendment.

This response will be incorporated in an IEEE interpretations
publication, and will be also made available on-line on the IEEE 
SPAsystem.
 _____________________________________________________________________________


	Interpretation Number:	(to be assigned by the IEEE)
	Topic:			write
	Relevant Sections:	5.37.2


Interpretation Request: (Defect Report)
 
          In Section 5.37.2 - Description  {of  write},  the  standard 
          states that ``[t]yping [other] nonprintable characters shall 
          cause   implementation-defined   sequences   of    printable 
          characters to be  written  to  the  recipient's  terminal.'' 
          [Draft 12 of IEEE Std 1003.2-1992 (July 1992), p. 694, lines 
          5988-5989] and  that  ``[t]yping  characters  from  LC_CTYPE 
          classifications print or space shall cause those  characters 
          to be sent to the recipient's terminal.''  [Ibid.,  p.  694, 
          lines 5982-5983] 
 
          If {POSIX2_LOCALEDEF} is defined,  a  malicious  user  could 
          create a locale in which every character is  printable.   In 
          this case, a control sequence causing a line to be  sent  to 
          the system and then executed can be sent to an  unsuspecting 
          user's terminal. 
 
          This  is  a   security   hole.    Could   lines   5996-5997: 
          ``[h]owever, a user's privilege may  further  constrain  the 
          domain of accessibility of other users' terminals''  [Ibid., 
          p.694, lines 5996-5997] be  used  to  close  this  hole,  by 
          disallowing mortals from writing to other  users'  terminals 
          if their LC_CTYPE is not a public locale? 
 

IEEE Interpretation for 1003.2-1992 
-----------------------------------


The standard allows the behavior described in the interpretation
request. Concern over this has been forwarded to the sponsors of the
standard.

Rationale for Interpretation:
-----------------------------

None.
 _____________________________________________________________________________