SECURITY BUG IN INTERACTIVE UNIX SYSV386
Christoph Splittgerber
chris at alderan.uucp
Wed Feb 13 21:21:57 AEST 1991
In article <KR3NBQQ at dobag.in-berlin.de> lumpi at dobag.in-berlin.de (Joern Lubkoll) writes:
>it seems that your very cute interactive unix System has a nice bug !
Oh my god - its really true. (on my ISC 2.0.2 *with* co-proc.)
While we've all been discussing security holes in the file-system and
talked about SUID and SGID and all that stuff there is a way to break
everything and it's so goddam easy that it's hard to believe it.
It's not a security hole, it's a SECURITY ABYSS.
I don't like ISC's upgrate provision clauses and I don't wana pay for this
bugfix.
So what to do now ? ..... -:( -:( -:(
Hey you people at ISC, what's up ?
--
************************ Brain fault (core dumped) *************************
Replies-To: chris at alderan.uucp UUCP: uunet!mcsun!unido!alderan!chris
Phone: +49 711 344375 Fax: +49 711 3460684
More information about the Comp.unix.sysv386
mailing list