home *** CD-ROM | disk | FTP | other *** search
- Newsgroups: comp.os.linux
- Path: sparky!uunet!uunet.ca!xenitec!mongrel!shrdlu!gdm
- From: gdm@shrdlu.kwnet.on.ca (Giles D Malet)
- Subject: Re: Security problem with "rm"
- References: <Bz9uF1.1AE@techbook.com>
- Organization: 3.141592653589793238462643383279502884197169399
- Date: Wed, 16 Dec 1992 22:19:39 GMT
- Message-ID: <BzDI0s.CKn@shrdlu.kwnet.on.ca>
- Lines: 32
-
- In article <Bz9uF1.1AE@techbook.com> kosina@techbook.com (Martin Kosina) writes:
- >
- >I am having a serious security problem with the 'rm' command.
- >[...]
- >mkosina:NotSt0PgElMbo:100:6:Martin Kosina:/home/mkosina:/bin/sh
- >[...]
- >kosina@techbook.COM Public Access User --- Not affiliated with TECHbooks
- >Public Access UNIX and Internet at [..never mind !..]
- ^^^^^^^^^^^^^^^^^^
-
- Boy ! that's not the only security problem you've got :
-
- pwc: Crack v4.1f: The Password Cracker, (c) Alec D.E. Muffett, 1992
- pwc: Loading Data, host=shrdlu pid=16224
- pwc: Loaded 1 password entries with 1 different salts: 100%
- pwc: Loaded 240 rules from 'Scripts/dicts.rules'.
- pwc: Loaded 74 rules from 'Scripts/gecos.rules'.
- pwc: Starting pass 1 - password information
- pwc: Guessed mkosina (/bin/sh in /tmp/passwd) [mkosina] NotSt0PgElMbo
- pwc: Closing feedback file.
- pwc: FeedBack: 1 users done, 0 users left to crack.
- pwc: FeedBack: information: all users are cracked after gecos pass
- pwc: Done.
-
- - and that took under a second.
-
- [BTW - check your permissions on /etc for your other problem - chmod 755 or so.]
- drwxr-xr-x 3 bin bin 640 Dec 16 16:28 /etc
-
- --
- Giles D Malet gdm@shrdlu.kwnet.on.ca
- Waterloo, Ont, Canada +1 519 725 5726 gdmalet@depcartes.uwaterloo.ca
-
