Date: Tue, 25 Jun 1996 04:05:40 -0700 (MST) From: Don Yuniskis <dgy@rtd.com> To: mark@grumble.grondar.za.@grondar.za (Mark Murray) Cc: vince@mercury.gaianet.net, dgy@rtd.com, mark@grumble.grondar.za, hackers@FreeBSD.ORG, security@FreeBSD.ORG, chad@mercury.gaianet.net, jbhunt@mercury.gaianet.net Subject: Re: I need help on this one - please help me track this guy down! Message-ID: <199606251105.EAA10554@seagull.rtd.com> In-Reply-To: <199606251002.MAA09345@grumble.grondar.za> from "Mark Murray" at Jun 25, 96 12:02:23 pm
next in thread | previous in thread | raw e-mail | index | archive | help
> > > Well, it *appears* that one of *you* did! :> > > > > Well, jbhunt was the one who gave the user the account and the > > user just transferred the root which is /bin/sh with setuid and ran it > > and he got root.... > > Review that. _Carefully_. I think you are seriously WRONG there. That > user did something sneaky, and you did not see it. I STRONGLKY suggest "vince" repeat exactly what he's said here. When he realizes it's "just not so", perhaps he'll rethink his NEXT post. 1) As root, create *any* suid file. Heck, use this guy's "root" file just in case you can't do it yourself. 2) As non-root, try to make a copy of that file... use cp, cat >, ftp it, up/download it via kermit, etc. Let us know what you learn in the process!
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199606251105.EAA10554>