
sun.cc.compiler.txt

Posted Aug 17, 1999

"Big Brother" feature that sends lists of your C compiler commands to "ut-cc@sunpro.Eng.Sun.COM" exists in alpha and beta versions of Sun's SUNWspro C compiler package.

tags | exploit
SHA-256 | 24e59d2817633be6d77dc3cc11da5272724e5f3b2396939511a810aafe8126a2

Date: Tue, 15 Jun 1999 00:17:12 +1000
From: Darren Reed <avalon@COOMBS.ANU.EDU.AU>
To: BUGTRAQ@netspace.org
Subject: big brother in your cc

Whilst this isn't strictly speaking a security bug, it borders on
Sun acting in a very "big brother" manner which is frightening!

For those of you using Sun's SUNWspro C compiler package, beware!
The binaries "c89" and "cc" appear to automagically send an email
to "ut-cc@sunpro.Eng.Sun.COM" with a list of C compiler commands,
including some sort of cpu-time summary. Extract as follows:

INFO unix i86pc SunOS 5.7
cc -E
CPU-time 0.010000 0.010000
...
cc -o -Xa -O
CPU-time 0.000000 0.060000
...
cc -o -Xa -O
CPU-time 0.020000 0.050000

and so on. Setting the environment variable UT_NO_USAGE_TRACKING
seems to do the right thing but for those that wish to enable this
feature, check with strings on the available environment settings
to mediate this (search for UT_). The mail is set to originate from
"nobody" so it's unlikely you'll notice it if it fails to be delivered
unless you check your mail queue.

---------------------------------------------------------------------------

Date: Mon, 14 Jun 1999 23:33:09 +0200
From: Casper Dik <casper@HOLLAND.SUN.COM>
To: BUGTRAQ@netspace.org
Subject: Re: big brother in your cc

>Whilst this isn't strictly speaking a security bug, it borders on
>Sun acting in a very "big brother" manner which is frightening!
>
>For those of you using Sun's SUNWspro C compiler package, beware!
>The binaries "c89" and "cc" appear to automagically send an email
>to "ut-cc@sunpro.Eng.Sun.COM" with a list of C compiler commands,
>including some sort of cpu-time summary. Extract as follows:
>
>cc -E

(I have a strong sense of deja-vu, wasn't this discussed before on
BUGTRAQ? Ah wait, Usenet Oct '98)

This compiler "feature" only exists in the pre-FCS compilers (i.e.,
Alpha and Beta products) and other pre-FCS workshop products.

It was documented in several locations, perhaps even in the
"must read and agree to" license, but I think it was pretty prominent.
(The websites have gone now that FCS is here)

(Some older compilers inadvertently left the code in) 4.0? 4.1?

That is, unless you have a domainname set on your system that ends
in .sun.com; in that case usage tracking also happens with your FCS
compiler.

So it's not all that big brotherish as you make it out:

- for alpha/beta only
- documented how to switch off (in several places)
- the cc command lines forwarded only include the options,
not the option parameters or file name arguments.
(-DFOO becomes -D, -Lpath gives -L etc ; file.c is not listed)


Nothing sinister, just alpha/beta users helping to gather statistics
about compiler option usage. (And us internal Sun folk who get to
test drive all stuff)

Of course, we could argue whether this should be an opt-in or opt-out
thing till we're blue in the face, but let's not.

Suffices to say that I've long since disabled most outgoing mail
from my system.

Casper
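
The "options only" rule described in the reply above can be checked against a captured message body. This is an added example, not part of the original thread and not Sun's code; the record layout is inferred from the quoted extract, the last sample record is constructed to show a violation, and the `ARG_PREFIXES` list is an assumption.

```python
# Constructed sample: the first records mirror the extract quoted in the
# thread; the last cc record is invented to show what a leak would look like.
SAMPLE = """\
INFO unix i86pc SunOS 5.7
cc -E
CPU-time 0.010000 0.010000
...
cc -o -Xa -O
CPU-time 0.000000 0.060000
cc -DFOO -L/opt/lib -o prog file.c
CPU-time 0.020000 0.050000
"""

# Option prefixes that take an argument. -D and -L are the examples given in
# the thread, -o appears bare in the extract; assumed list, not complete.
ARG_PREFIXES = ("-D", "-L", "-o")
COMPILERS = ("cc", "c89")

def parse_report(text):
    """Return (info, records); each record is {'cmd', 'args', 'cpu'}."""
    info, records = None, []
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0] == "...":
            continue  # blank line or elision marker
        if fields[0] == "INFO":
            info = fields[1:]
        elif fields[0] in COMPILERS:
            records.append({"cmd": fields[0], "args": fields[1:], "cpu": None})
        elif fields[0] == "CPU-time" and records:
            # Two opaque figures; the thread does not say what each one means.
            records[-1]["cpu"] = tuple(float(x) for x in fields[1:3])
    return info, records

def leaked_tokens(args):
    """Tokens that carry more than a bare option name."""
    leaks = []
    for tok in args:
        if not tok.startswith("-"):
            leaks.append(tok)  # file name or detached option argument
        elif any(tok.startswith(p) and len(tok) > len(p) for p in ARG_PREFIXES):
            leaks.append(tok)  # attached argument, e.g. -DFOO or -Lpath
    return leaks

def audit(text):
    """Map record index -> leaked tokens, for records that leak anything."""
    _, records = parse_report(text)
    return {i: l for i, r in enumerate(records) if (l := leaked_tokens(r["args"]))}
```

An empty result from `audit()` means every forwarded command line held bare options only, within the limits of the assumed prefix list.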

---------------------------------------------------------------------------

Date: Mon, 14 Jun 1999 20:00:05 +0100
From: Alec Muffett <alecm@COYOTE.UK.SUN.COM>
To: BUGTRAQ@netspace.org
Subject: Old Software (Was: Re: big brother in your cc)

[Aleph - please expedite posting this if possible. Love'n'Hugs.]

>Whilst this isn't strictly speaking a security bug, it borders on
>Sun acting in a very "big brother" manner which is frightening!

Hi Guys,

The story I am told, is:

| This is VERY OLD NEWS. This info was collected as part of the
| Workshop 5.0 Early Access and Developer Release programs. It is
| *not*, I repeat, NOT turned on in the FCS release of the product.
| When customers downloaded the Early Access and Developer Release
| products off the web they were told this info was being collected via
| the FAQ and via the web security disclosure statement on the web
| site. In addition, the FAQ told them how to turn it off if they felt
| that it was data they did not want to divulge.
|
| The Early Access and Developer Release web sites are long since
| defunct since the WS 5.0 product FCS in 2/2/99. It used to be located
| at http://access1.sun.com/workshop5.0ea.

...so, can anyone submit an instance of this happening with the non
early-access software?

- alec

---------------------------------------------------------------------------

Date: Tue, 15 Jun 1999 17:16:52 +1000
From: Darren Reed <avalon@COOMBS.ANU.EDU.AU>
To: BUGTRAQ@netspace.org
Subject: Re: big brother in your cc

I must admit that I'm quite embarrassed about bringing this up without
properly checking which versions, etc, had the described behaviour as
it doesn't appear in any of the FCS versions.

In some mail from Casper Dik, sie said:
>
> (I have a strong sense of deja-vu, wasn't this discussed before on
> BUGTRAQ? Ah wait, Usenet Oct '98)
>
> This compiler "feature" only exists in the pre-FCS compilers (i.e.,
> Alpha and Beta products) and other pre-FCS workshop products.

Yes, I should have checked more fully on systems I have at my
disposal.

> It was documented in several locations, perhaps even in the
> "must read and agree to" license, but I think it was pretty prominent.

And like most licenses which people need to get through to install/get
software, I (like most people) tend to just click "yes" rather than `waste'
time reading it.

Still, I'd have rather seen the email come from foo@ rather than
nobody@ (which has the effect of making it disappear via /dev/null
if an error occurs in delivery).

Darren
