From owner-freebsd-hackers  Mon Jun 24 13:17:56 1996
Return-Path: owner-hackers
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id NAA27179
          for hackers-outgoing; Mon, 24 Jun 1996 13:17:56 -0700 (PDT)
Received: from grumble.grondar.za (root@grumble.grondar.za [196.7.18.130])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id NAA27143;
          Mon, 24 Jun 1996 13:17:12 -0700 (PDT)
Received: from grumble.grondar.za (mark@localhost.grondar.za [127.0.0.1]) by grumble.grondar.za (8.7.5/8.7.3) with ESMTP id WAA06237; Mon, 24 Jun 1996 22:13:46 +0200 (SAT)
Message-Id: <199606242013.WAA06237@grumble.grondar.za>
To: Veggy Vinny <richardc@CSUA.Berkeley.EDU>
cc: Wilko Bulte <wilko@yedi.iaf.nl>, "Jordan K. Hubbard" <jkh@time.cdrom.com>,
        guido@gvr.win.tue.nl, hackers@freebsd.org, security@freebsd.org,
        ache@freebsd.org
Subject: Re: I need help on this one - please help me track this guy down! 
Date: Mon, 24 Jun 1996 22:13:31 +0200
From: Mark Murray <mark@grumble.grondar.za.@grondar.za>
Sender: owner-hackers@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Veggy Vinny wrote:
> 	Speaking about security, we are running a FreeBSD box and there 
> is a guy that has this program that can get root shell as long as he has 
> any account, can someone look into this and find out how he does it?  

Take claims like this with a pinch of salt. ;-)

What is the program? If we know how it works, we can fix any secuity hole
it may be exploiting.

M
--
Mark Murray
46 Harvey Rd, Claremont, Cape Town 7700, South Africa
+27 21 61-3768 GMT+0200
Finger mark@grondar.za for PGP key