From owner-freebsd-security  Fri Aug 21 06:52:33 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id GAA06721
          for freebsd-security-outgoing; Fri, 21 Aug 1998 06:52:33 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from passer.osg.gov.bc.ca (passer.osg.gov.bc.ca [142.32.110.29])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id GAA06716
          for <security@FreeBSD.ORG>; Fri, 21 Aug 1998 06:52:32 -0700 (PDT)
          (envelope-from cy@cschuber.net.gov.bc.ca)
Received: (from uucp@localhost) by passer.osg.gov.bc.ca (8.8.8/8.6.10) id GAA07604; Fri, 21 Aug 1998 06:51:52 -0700 (PDT)
Received: from cschuber.net.gov.bc.ca(142.31.240.113), claiming to be "cwsys.cwsent.com"
 via SMTP by passer.osg.gov.bc.ca, id smtpdZB7602; Fri Aug 21 06:51:27 1998
Received: (from uucp@localhost) by cwsys.cwsent.com (8.9.1/8.6.10) id GAA08941; Fri, 21 Aug 1998 06:51:23 -0700 (PDT)
Message-Id: <199808211351.GAA08941@cwsys.cwsent.com>
Received: from localhost.cwsent.com(127.0.0.1), claiming to be "cwsys"
 via SMTP by localhost.cwsent.com, id smtpdSH8933; Fri Aug 21 06:51:13 1998
X-Mailer: exmh version 2.0.2 2/24/98
Reply-to: Cy Schubert - ITSD Open Systems Group <cschuber@uumail.gov.bc.ca>
From: Cy Schubert - ITSD Open Systems Group <cschuber@uumail.gov.bc.ca>
X-Sender: cy
To: "Jordan K. Hubbard" <jkh@time.cdrom.com>
cc: security@FreeBSD.ORG
Subject: Re: Scaring the bezeesus out of your system admin as a normal 
 user:
In-reply-to: Your message of "Fri, 21 Aug 1998 00:02:54 PDT."
             <29367.903682974@time.cdrom.com> 
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Fri, 21 Aug 1998 06:51:07 -0700
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org




Regards,                       Phone:  (250)387-8437
Cy Schubert                      Fax:  (250)387-5766
Open Systems Group          Internet:  cschuber@uumail.gov.bc.ca
ITSD                                   Cy.Schubert@gems8.gov.bc.ca
Government of BC            

> % logger -p auth.notice -t su crackman to root on ttyp1
> 
> I'd suggest that /var/run/log should have 0600 permissions but that
> would certainly screw over a few of syslog(3)'s current users.
> 
> Hmmmm.  No quick ideas here. :)

Gene Spafford talks about a similar prank he did in college in his book 
Practical UNIX Security.


Regards,                       Phone:  (250)387-8437
Cy Schubert                      Fax:  (250)387-5766
Open Systems Group          Internet:  cschuber@uumail.gov.bc.ca
ITSD                                   Cy.Schubert@gems8.gov.bc.ca
Government of BC            




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message