From owner-freebsd-security  Tue Sep 15 07:44:32 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id HAA20775
          for freebsd-security-outgoing; Tue, 15 Sep 1998 07:44:32 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from axl.training.iafrica.com (axl.training.iafrica.com [196.31.1.175])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id HAA20628
          for <freebsd-security@freebsd.org>; Tue, 15 Sep 1998 07:43:41 -0700 (PDT)
          (envelope-from sheldonh@axl.training.iafrica.com)
Received: from sheldonh (helo=axl.training.iafrica.com)
	by axl.training.iafrica.com with local-esmtp (Exim 1.92 #1)
	id 0zIwIi-0000FJ-00; Tue, 15 Sep 1998 16:41:52 +0200
From: Sheldon Hearn <axl@iafrica.com>
To: Zahemszky Gabor <zgabor@zg.CoDe.hu>
cc: freebsd-security@FreeBSD.ORG
Subject: Re: csh/bash/tcsh/others? buffer overflow 
In-reply-to: Your message of "Tue, 15 Sep 1998 13:04:43 +0200."
             <199809151104.NAA01220@CoDe.hu> 
Date: Tue, 15 Sep 1998 16:41:51 +0200
Message-ID: <948.905870511@axl.training.iafrica.com>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org



On Tue, 15 Sep 1998 13:04:43 +0200, Zahemszky Gabor wrote:

> Then as root do:
> [...]
> The bash dies... Check if there is suid shell in tmp dir:
>         [debian]:~$ ls -l /tmp/sh
>         -rwsr-sr-x   1 root     root       304676 Sep  4 20:55 sh

>From your post, it looks as though this "root exploit" requires root
priveledges to action. Have I misread this? If not, I don't think that
root having permission to create backdoors is a security concern.

Ciao,
Sheldon.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message