Crackers and Worms

99700000 haynes at ucscc.UCSC.EDU
Sat Nov 19 17:12:19 AEST 1988


In article <4820 at bsu-cs.UUCP> dhesi at bsu-cs.UUCP (Rahul Dhesi) writes:
>
>The trouble is that once you are daemon, you can queue an "at" job to
>be executed as root.
>
As soon as I get a new system (with source) I apply a 2-line patch
to atrun.c such that, right before the setuid() call, if the uid
is going to be root it exits.  A side effect is that it leaves the
offending file in /usr/spool/at/past, so you can examine it at your
leisure.  Not that I've had that many to examine...
haynes at ucscc.ucsc.edu
haynes at ucscc.bitnet
..ucbvax!ucscc!haynes

"Any clod can have the facts, but having opinions is an Art."
        Charles McCabe, San Francisco Chronicle
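
The guard described in the post above, sketched as an added example; it is not the poster's patch and not the actual atrun.c source. The function name, enum values and job path are hypothetical, and the privilege-drop verification goes beyond the two-line check the post mentions.

```c
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical names; the real atrun.c is not reproduced on this page. */
enum drop_result { DROP_OK = 0, DROP_REFUSED_ROOT, DROP_FAILED };

/*
 * Assume the identity a spooled job should run under.
 * job_path is used only for the log line; the file is never unlinked here,
 * so a refused job stays in the spool directory for later examination.
 * The caller is expected to exit on anything other than DROP_OK.
 */
enum drop_result become_job_owner(const char *job_path, uid_t uid, gid_t gid)
{
    /* The check from the post: never let a spooled job run as root. */
    if (uid == 0) {
        fprintf(stderr, "atrun: refusing root job %s, file left in place\n",
                job_path);
        return DROP_REFUSED_ROOT;
    }
    /* Group first: once setuid() succeeds we may no longer be allowed
     * to change gid. A full runner would also reset supplementary groups. */
    if (setgid(gid) != 0 || setuid(uid) != 0)
        return DROP_FAILED;
    /* Confirm the drop took effect and cannot be undone. */
    if (getuid() != uid || geteuid() != uid ||
        getgid() != gid || getegid() != gid || setuid(0) == 0)
        return DROP_FAILED;
    return DROP_OK;
}

int main(void)
{
    /* Constructed path for illustration; not taken from a real system. */
    const char *job = "/usr/spool/at/past/constructed.job";

    /* A job claiming uid 0 is refused before any setuid() call. */
    enum drop_result r = become_job_owner(job, 0, 0);
    printf("uid 0 job -> %s\n", r == DROP_REFUSED_ROOT ? "refused" : "RAN");

    /* A job for our own non-root identity is accepted (refused if run as root). */
    r = become_job_owner(job, getuid(), getgid());
    printf("uid %ld job -> %d\n", (long)getuid(), (int)r);
    return 0;
}
```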


