From owner-freebsd-hackers Mon Jun 24 17:29:04 1996 Return-Path: owner-hackers Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id RAA26474 for hackers-outgoing; Mon, 24 Jun 1996 17:29:04 -0700 (PDT) Received: from mercury.gaianet.net (root@mercury.gaianet.net [206.171.98.26]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id RAA26469; Mon, 24 Jun 1996 17:29:00 -0700 (PDT) Received: (from vince@localhost) by mercury.gaianet.net (8.7.5/8.6.12) id RAA22946; Mon, 24 Jun 1996 17:28:45 -0700 (PDT) Date: Mon, 24 Jun 1996 17:28:45 -0700 (PDT) From: -Vince- To: Gary Palmer cc: hackers@FreeBSD.ORG, security@FreeBSD.ORG, Chad Shackley , jbhunt Subject: Re: I need help on this one - please help me track this guy down! In-Reply-To: <27780.835661925@palmer.demon.co.uk> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-hackers@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Tue, 25 Jun 1996, Gary Palmer wrote: > [ CC: Trimmed ] > > > Yeah, that's the real question is like if he can transfer the > > binary from another machine and have it work... other people can do the > > same thing and gain access to FreeBSD boxes as root as long as they have > > a account on that machine... > > Sort of. You need root access in the first place to create a suid root > shell... It could be an old exploit that is now closed (like the > mount_union loophole)... Yeah, I was thinking you do need to be root in the first place to do it. I think this guy got a account after ther mount_union loophole since we're running -current and -current did fix the security problems... Vince