Date: Wed, 12 Apr 1995 23:02:10 -0400 (EDT) From: "Jonathan M. Bresler" <jmb@kryten.atinc.com> To: hackers@FreeBSD.org Subject: [Q] dump, restore suid Message-ID: <Pine.3.89.9504122242.D10403-0100000@kryten.atinc.com>
next in thread | raw e-mail | index | archive | help
both/sbin/dump and /sbin/restore are suid root on FreeBSD 2.0R same for /sbin/rrestore and /sbin/rdump so if joe pops in a tape and does a restore as a regular user on my machine over the net from his machine to mine using this suid root rrestore, he can drop in a /usr/sbin/vipw of his choice??? ls -Flago /usr /sbin/rrestore /usr/sbin/vipw -r-sr-sr-x 2 root tty - 184320 Jan 25 10:56 /sbin/rrestore* -r-xr-xr-x 1 bin bin - 12288 Jan 25 11:05 /usr/sbin/vipw* /usr: total 38 drwxr-xr-x 11 root wheel - 1024 Feb 28 14:31 ./ drwxrwxr-x 27 root wheel - 1024 Apr 10 08:06 ../ [snip] drwxr-xr-x 2 bin bin - 2048 Mar 20 22:18 sbin/ jmb Jonathan M. Bresler jmb@kryten.atinc.com | Analysis & Technology, Inc. | 2341 Jeff Davis Hwy play go. | Arlington, VA 22202 ride bike. hack FreeBSD.--ah the good life | 703-418-2800 x346
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.3.89.9504122242.D10403-0100000>