Re: nfs_mount in AIX

Quentin Fennessy (Quentin.Fennessy@SEMATECH.Org)
Wed, 26 Apr 1995 13:04:56 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Aleph One: "Satan module for Linux/AIX rlogin -froot bug"
Previous message: Ben Nowlin: "Re: Good Times "virus" question"
Maybe in reply to: rick@msc.cornell.edu: "nfs_mount in AIX"
Next in thread: Andrew Dawson: "Re: nfs_mount in AIX"

> If a non-root user can mount a daemon on a directory, he can somehow
> mount something which provides him with an SUID shell.  As I said,
> I have a third-party package which can be abused in this way.  Since
> the problem is not the fault of the third party, I am inclined not
> to reveal more detail as to what and who.

OK -- don't reveal details.  And don't bother to mention it here
on this 'full disclosure' mailling list.

Quentin

Next message: Aleph One: "Satan module for Linux/AIX rlogin -froot bug"
Previous message: Ben Nowlin: "Re: Good Times "virus" question"
Maybe in reply to: rick@msc.cornell.edu: "nfs_mount in AIX"
Next in thread: Andrew Dawson: "Re: nfs_mount in AIX"