Date: Mon, 28 Jul 1997 22:35:36 -0700 (PDT) From: Vincent Poy <vince@mail.MCESTATE.COM> To: Gary Palmer <gpalmer@FreeBSD.ORG> Cc: Nate Williams <nate@mt.sri.com>, "Jonathan A. Zdziarski" <jonz@netrail.net>, security@FreeBSD.ORG, JbHunt <johnnyu@accessus.net>, "[Mario1-]" <mario1@PrimeNet.Com> Subject: Re: security hole in FreeBSD Message-ID: <Pine.BSF.3.95.970728223008.3844u-100000@mail.MCESTATE.COM> In-Reply-To: <29452.870154093@orion.webspan.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 29 Jul 1997, Gary Palmer wrote: =)Vincent Poy wrote in message ID =)<Pine.BSF.3.95.970728211109.3844i-100000@mail.MCESTATE.COM>: =)> Nothing is unhackable. and the hacker did say it was the .rhosts =)> file along with perl5.00401 that did it. Nothing is foolproof. =) =)As evidenced by the fact you believe him. Questions that remain =)unanswered: =) =)1) if he did use an .rhosts, how did the file get there? That's what I'm trying to figure out. I know I never had a .rhosts file in my directory because I still have a tarball of my directory. =)2) I didn't know there was a setuid bug in perl 5.00401. What did he =) do to exploit perl? I don't know because all I know was he got a account on mercury.GAIANET.NET and complained perl5 wasn't working because the libmalloc file was missing. This was because the /usr/local/bin was a backup from another machine that had FreeBSD since 2.1R and we did this drive from scratch so it was perl5.003. So I did a cvsup and install perl5.00401 and that's when all the problems began. 5.003 is the one with security holes which we know about. =)3) Did you really talk to him on irc, or just some lamer pretending to =) have done the hack? I wasn't the one who talked to him but I know it's him because his ip address on irc will reach his Linux machine which he calls soma and that was the same guy who asked me about the perl thing. =)and most importantly: =) =)4) did you LEARN from this experience? If not, *WHY* not? Ofcourse... never trust anyone on the system. Too bad there wasn't a way to watch everyone or log there commands. Cheers, Vince - vince@MCESTATE.COM - vince@GAIANET.NET ________ __ ____ Unix Networking Operations - FreeBSD-Real Unix for Free / / / / | / |[__ ] GaiaNet Corporation - M & C Estate / / / / | / | __] ] Beverly Hills, California USA 90210 / / / / / |/ / | __] ] HongKong Stars/Gravis UltraSound Mailing Lists Admin /_/_/_/_/|___/|_|[____]
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95.970728223008.3844u-100000>