- Path: sparky!uunet!charon.amdahl.com!pacbell.com!decwrl!sun-barr!olivea!sgigate!sgiblab!munnari.oz.au!cs.mu.OZ.AU!montebello.ecom.unimelb.EDU.AU!carl
- From: carl@montebello.ecom.unimelb.EDU.AU (Carl Brewer)
- Newsgroups: comp.security.misc
- Subject: Re: Setuid script - is this unsecure?
- Message-ID: <9231110.9860@mulga.cs.mu.OZ.AU>
- Date: 5 Nov 92 23:15:51 GMT
- References: <1d6fdiINNf5q@bnsgd245.bnr.co.uk>
- Sender: news@cs.mu.OZ.AU
- Organization: Dept. Engineering Computer Resources, Melbourne Uni.
- Lines: 33
-
- In article <1d6fdiINNf5q@bnsgd245.bnr.co.uk> rickt@bnr.co.uk (Rick Tait) writes:
- >I recently installed these shell scripts on my machine (on which I am root),
- >and I'd like to know if I'm compromising its security. Basically, they
- >just allow the users to mount/umount/eject the floppy disk (pcfs).
- >
- >In: (mount script)
-
- [irrelevant script contents deleted]
-
- >So do these make my system insecure? How? How the hell would a user
- >turn these simple scripts over into something to compromise my IPX?
-
- this is the oldest crack trick in the book, and is in the FAQ
-
- Suggest you read it, the bit on creating a symbolic link
- to the script from a file called "-i" ...
- you may find that informative
-
- >
- >By the way, these are the directory entries:
- >
- >-rwSr-xr-x 1 root staff 368 Oct 11 11:20 in*
- >-rwSr-xr-x 1 root staff 42 Oct 23 15:05 out*
-     ^
- get those alarm bells ringing
-
-
-
- --
- Annal Natrach, Usthvah Spethed, carl@ecr.mu.oz.au (IRC: Bleve)
- Dochoel Dienve carl@munagin.ee.mu.oz.au
- carl@montebello.ecom.unimelb.EDU.AU
- Merlin, where are you? Call your dragon, to weave a mist...
-
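Added example, not part of the original post: a small audit that walks a directory tree and reports setuid/setgid files that are interpreter scripts, plus files showing the capital 'S' seen in the listing above (setuid set, owner execute missing). The function names and finding strings are this example's own; the mode 4655 is constructed to match the quoted `-rwSr-xr-x` entries.

```python
import os
import stat
import sys

SPECIAL = stat.S_ISUID | stat.S_ISGID

def audit_mode(mode, head):
    """Findings for one file, given its st_mode and its first bytes."""
    findings = []
    if not stat.S_ISREG(mode) or not mode & SPECIAL:
        return findings
    if head.startswith(b"#!"):
        findings.append("setuid/setgid interpreter script")
    if mode & stat.S_ISUID and not mode & stat.S_IXUSR:
        findings.append("setuid bit without owner execute (ls shows 'S')")
    return findings

def scan(root):
    """Walk root without following symlinks; return (path, ls-style mode, findings)."""
    report = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # lstat: judge the entry itself, not a link target
            except OSError:
                continue  # entry vanished or is inaccessible
            if not stat.S_ISREG(st.st_mode) or not st.st_mode & SPECIAL:
                continue
            try:
                with open(path, "rb") as fh:
                    head = fh.read(2)
            except OSError:
                head = b""  # unreadable: still report mode-based findings
            findings = audit_mode(st.st_mode, head)
            if findings:
                report.append((path, stat.filemode(st.st_mode), findings))
    return report

if __name__ == "__main__":
    # Usage: python audit.py /some/dir   (defaults to the current directory)
    for path, mode, findings in scan(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(mode, path, "; ".join(findings))
```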