Date: Sun, 10 Aug 1997 14:32:13 -0400 (EDT) From: Brian Mitchell <brian@firehouse.net> To: "Jonathan A. Zdziarski" <jonz@netrail.net> Cc: bugtraq@netspace.org, freebsd-security@FreeBSD.ORG Subject: Re: procfs hole Message-ID: <Pine.BSI.3.95.970810143116.19099A-100000@shell.firehouse.net> In-Reply-To: <Pine.BSF.3.95q.970810102208.13506A-100000@netrail.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 10 Aug 1997, Jonathan A. Zdziarski wrote: > I attempted to run it and got the following trying to run it with 'root' > as the user (even providing the correct password): > > Demonstration of 4.4BSD procfs hole > Brian Mitchell <brian@firehouse.net> > > after you see "setuid changed", enter the pw for the user > Be warned, searching for the setuid() function takes a long time! > Password:searching - please be patient... > setuid changed (0x8046f64) > > _su: Permission denied. You also using a shell of tcsh or csh. As I noted, you need to change your shell to /bin/sh or something similar (or use the -b argument). Judging by the string, i'm guessing it is tcsh (as csh uses a diff string)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSI.3.95.970810143116.19099A-100000>