SECURITY BUG IN INTERACTIVE UNIX SYSV386
eric.a.olson
junk1 at cbnews.att.com
Tue Feb 19 23:32:35 AEST 1991
In article <1991Feb18.140624.1860 at virtech.uucp> cpcahil at virtech.uucp (Conor P. Cahill) writes:
>
>THE uunencoded binary is not less dangerous. I meant "a uuencoded binary
>that proves that root access was obtained without damaging the security
>of the system".
>
Oh, come on, Conor...you would run a _binary_ file that
proves that root access was obtained and that _claims_ not
to have damaged the security system? I would not. I tried
the source (segmentation violation on AT&T 3.2.1 and 3.2.2
with no co-proc). I think that perhaps the best of both
worlds would have been served with the simple statement,
"The u-area is not write-protected on all versions of the
UNIX operating system."
eric a. olson
eao at mvucl.att.com
More information about the Comp.unix.sysv386
mailing list