Newsgroups: alt.security,alt.sources.patches
From: nyh@wpi.WPI.EDU (Nevo Y Hed)
Subject: Xterm security patch - for X11R5 and sun3 fix for the X11R4
Message-ID: <1992Jul14.023303.1397@wpi.WPI.EDU>
Organization: Worcester Polytechnic Institute
Date: Tue, 14 Jul 1992 02:33:03 GMT



On 7 May 1992 I have posted a tiny patch for xterm.  a summary
follows...  However, there were requests [to me by email] for an X11R5
version and there was also a bug that appeared only on Sun3.

The new versions are avilable via anonymous ftp as follows:
	sxtermR4.tar.Z is on wpi.wpi.edu at /contrib

	sxtermR5.tar.Z is both on wpi.wpi.edu /contrib
	                   and on ghost.sm.dsi.unimi.it /pub/crypt

 _ _ _ _ _

	Thanx to gshapiro@wpi.wpi.edu and vince@ghost.sm.dsi.unimi.it
for their help on the X11R5 version and thanx to
brossard@siisun.epfl.ch for the sun3 bug fix.

 - - - - -
	Following is a short summary of sxterm:

 	The sensitive information one could get with a simple spying program
would be passwords. So xterm and dxterm have a menu option to protect
the keyboard (using XGrabKeyboard(), only one application can use
XGrabKeyborad at the same time).  However, it is a real pain to
activate this feature, and most people don't even know it's a problem.
That's why I came up with this patch to xterm (it only modifies the
Xterm sources slightly).


	When the string "Password:" arrives at the screen (currently
ignoring case) the (already existing) xterm's secure keyboard feature
is enabled until the next linefeed.

	This feature can be disabled via menu and/or X resources as
well as the password promprt, see manpage.

-- 
Nevo Y.	 Hed              nyh@wpi.wpi.edu
++1-508-754-2491          CS student, Worcester Polytechnic Institute.
"I like my cigar too, but I take it out of my mouth from time to time" G.Marx