Re: Sol2.x Mouse EXPLOIT info - CORRECTION

Timothy Newsham (newsham@aloha.net)
Thu, 19 Jan 1995 10:23:41 -1000 (HST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Matthew Harding: "O/S holes"
Previous message: M.S. Ramesh: ""Hello" and a question"
In reply to: Doug Siebert: "Re: Sol2.x Mouse EXPLOIT info - CORRECTION"
Next in thread: Timothy Newsham: "Re: Sol2.x Mouse EXPLOIT info - CORRECTION"

> > >	Another thing not considered, is that by default under Ultrix
> > >all the network tty's are _unsecure_ meaning root cannot log in on
> > >them no matter what .rhosts says.  Unless you have changed this it
> > >is absolutely not possible for this to be a problem.
> > 
> > You mean except for "rsh ultrixhost rm -rf /"
> > Remember, with /.rhosts, having unsecure ttys has no effect.
> > --Dave
> 
> Or instead of rm -rf /, how about using sed to change those ttys to secure to
> allow you a normal login?

you dont have to jump through hoops:

    rm -rf host csh -if

gives you an interactive shell (though no tty).  At this point you
can go around changing things at will interactively.

> Doug Siebert
> dsiebert@isca.uiowa.edu

Next message: Matthew Harding: "O/S holes"
Previous message: M.S. Ramesh: ""Hello" and a question"
In reply to: Doug Siebert: "Re: Sol2.x Mouse EXPLOIT info - CORRECTION"
Next in thread: Timothy Newsham: "Re: Sol2.x Mouse EXPLOIT info - CORRECTION"