PASS TO SITE/FACILITY/COMMAND INFORMATION SYSTEM SECURITY OFFICER {ISSO}, SPECIAL SECURITY OFFICER {SSO}, INFORMATION RESOURCE MANAGER {IRM} AND AUTOMATED DATA PROCESSOR {ADP} COORDINATORS

U-1,360/DS-SIM {CSG}

SUBJ: SGI 3.3.X PSEUDO-TTY VULNERABILITY {AUTOMATED SYSTEMS SECURITY INCIDENT SUPPORT TEAM {ASSIST} 92-60}

1. DISCUSSION: ASSIST HAS LEARNED OF A POSSIBLE SECURITY PROBLEM WITH SILICON GRAPHICS SYSTEMS RUNNING IRIX 3.3.X {3.3.1, 3.3.2 AND 3.3.3L}. THIS PROBLEM HAS BEEN FIXED UNDER 4.0.1. THE IRIX PSEUDO-TTYS {PTTYS} ARE PROTECTED MODE 0666, WHICH PERMITS NON-ROOT USERS TO READ UNPROTECTED TERMINALS. THIS MIGHT PERMIT NON-AUTHORIZED USERS TO SEE CONFIDENTIAL INFORMATION, INCLUDING PASSWORDS.

2. RECOMMENDATION: ASSIST RECOMMENDS THAT YOU UPGRADE YOUR 3.3.X SYSTEM TO 4.0.1 OR TO TRUSTED IRIX ASAP. CONTACT YOUR SGI REPRESENTATIVE, OR SGI EXPRESS {1-800-800-SG11}. SGI CUSTOMERS UNDER SUPPORT MAY CALL 1-800-800-4744.

NOTE: IF YOU SUSPECT THAT ANOTHER USER IS READING FROM YOUR TERMINAL, YOU MAY USE THE COMMAND "fuser -u `tty`". THIS COMMAND WILL SHOW THE PROCESSES THAT ARE CONNECTED TO YOUR TTY; SEE FUSER {8}. YOU SHOULD BE ABLE TO ACCOUNT FOR EACH OF THE PROCESSES USING THE PS {1} COMMAND.

3. POINT OF CONTACT: ASSIST POINT OF CONTACT FOR THIS MATTER IS MIKE HIGGINS, COMM {202} 373-8852/55 OR DSN 243-8852/55. ASSIST CAN BE REACHED 24 HOURS PER DAY, COMMERCIAL PAGER {800} SKY-PAGE, PIN NUMBER 2133937 {FROM A TOUCH TONE PHONE ENTER THE CALL BACK NUMBER AFTER THE PROMPT} OR AUTOVON DIAL 243-8000 AND ASK TO HAVE THE ASSIST DUTY OFFICER PAGED. ASSIST CAN BE REACHED VIA E-MAIL AT "DOD-CERT{AT-SIGN}DDN-CONUS.DDN.MIL."
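
Added example, not part of the ASSIST message: the two checks that paragraph 1 and the NOTE in paragraph 2 call for, written as shell functions. The function names, the directory passed to open_nodes and the sample fuser lines used to exercise it are assumptions; fuser output layout differs between systems.

```shell
#!/bin/sh
# Added example, not from the advisory. Two checks for the condition it
# describes: terminal nodes open to "other", and processes attached to a
# tty that belong to someone else.

# open_nodes DIR [TYPE]: print nodes under DIR whose mode grants read or
# write to "other" (mode 0666 sets both bits). TYPE is the find(1) file
# type; it defaults to c (character device) and is a parameter only so the
# check can be tried on ordinary files.
open_nodes() {
    find "$1" -type "${2:-c}" \( -perm -004 -o -perm -002 \) -print 2>/dev/null | sort
}

# foreign_holders USER: read "fuser -u" output on stdin and print "PID OWNER"
# for every process not owned by USER. A process token is a PID, optional
# access letters, then the owner in parentheses: 1234(alice) or 1234o(alice).
foreign_holders() {
    me=$1
    tr -s ' \t' '\n\n' |
    sed -n 's/^\([0-9][0-9]*\)[a-zA-Z]*(\([^)]*\))$/\1 \2/p' |
    while read -r pid owner; do
        [ "$owner" = "$me" ] || printf '%s %s\n' "$pid" "$owner"
    done
}

# check_my_tty: show the mode of the caller's terminal, then any process
# attached to it that the caller does not own. Each PID printed should be
# accounted for with ps(1), as the NOTE says.
check_my_tty() {
    t=$(tty) || return 0          # not on a terminal: nothing to check
    me=$(id -un)
    ls -l "$t"
    fuser -u "$t" 2>&1 | foreign_holders "$me"
}
```

Source the file and run check_my_tty from an interactive login; open_nodes /dev lists every character device that "other" can read or write, so filter its output for the tty and pty names your system uses.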