Date: Tue, 25 Jun 1996 01:40:18 -0700 (PDT) From: -Vince- <vince@mercury.gaianet.net> To: Mark Murray <mark@grumble.grondar.za> Cc: hackers@FreeBSD.org, security@FreeBSD.org, Chad Shackley <chad@mercury.gaianet.net>, jbhunt <jbhunt@mercury.gaianet.net> Subject: Re: I need help on this one - please help me track this guy down! Message-ID: <Pine.BSF.3.91.960625013911.21697n-100000@mercury.gaianet.net> In-Reply-To: <199606250836.KAA08996@grumble.grondar.za>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 25 Jun 1996, Mark Murray wrote: > -Vince- wrote: > > > Example: user suspects you may be a DOS user, and are likely to try > > > to type the "dir" or "cls" command every now and then (by mistake). > > > > > > In his home directory he places a script called "dir" that creates a > > > suid shell (silently) then prints the usual "command not found" error. > > > > > > He then phones you, asking for support, and tries to trick you into > > > running his script. Having "." in your path makes his trickery easier. > > > > Hmmm, that's only if we had phone support.... We don't :) but do > > admins really go run a program that the user said won't run? > > Don't pick details. The point is that there is the problem that you > could be tricked (somehow) into running a user's script instead > of a system binary. This can happen even if the "." is at the > end of your path if the program/script is not the name of a > system app. Yeah, you have a point but jbhunt was watching the user as he hacked root since he brought the file from his own machine.... so that wasn't something the admin was tricked into doing.. Vince
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.960625013911.21697n-100000>