From owner-freebsd-hackers Fri Aug 1 20:49:11 1997
Return-Path:
Received: (from root@localhost)
        by hub.freebsd.org (8.8.5/8.8.5) id UAA29842
        for hackers-outgoing; Fri, 1 Aug 1997 20:49:11 -0700 (PDT)
Received: from genesis.atrad.adelaide.edu.au (genesis.atrad.adelaide.edu.au [129.127.96.120])
        by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id UAA29837
        for ; Fri, 1 Aug 1997 20:49:08 -0700 (PDT)
Received: (from msmith@localhost)
        by genesis.atrad.adelaide.edu.au (8.8.5/8.7.3) id NAA08948;
        Sat, 2 Aug 1997 13:17:58 +0930 (CST)
From: Michael Smith
Message-Id: <199708020347.NAA08948@genesis.atrad.adelaide.edu.au>
Subject: Re: security hole on FreeBSD 2.2.2
In-Reply-To: from Tom Samplonius at "Aug 1, 97 05:26:23 pm"
To: tom@sdf.com (Tom Samplonius)
Date: Sat, 2 Aug 1997 13:17:58 +0930 (CST)
Cc: black@zen.cypher.net, lenzi@bsi.com.br, hackers@FreeBSD.ORG
X-Mailer: ELM [version 2.4ME+ PL28 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-hackers@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

Tom Samplonius stands accused of saying:
>
> On Fri, 1 Aug 1997, Ben Black wrote:
>
> > exactly. i have no clue what this guy is talking about.
>
> Exactly. It looks like this guy installed some bogus software, probably
> setuid to root, that has a gaping hole in it.

The "bogus software" is Perl. "superl" should have been "sperl", and
my last world build of -stable left me with :

silver:~>ls -l /usr/bin/sperl*
---s--x--x  2 root  bin  286720 Jun  7 18:35 /usr/bin/sperl4.036

Naturally, I don't leave it installed on public machines; setuid
script interpreters are a Really Bad Idea.

--
]] Mike Smith, Software Engineer        msmith@gsoft.com.au             [[
]] Genesis Software                     genesis@gsoft.com.au            [[
]] High-speed data acquisition and      (GSM mobile)     0411-222-496   [[
]] realtime instrument control.         (ph)          +61-8-8267-3493   [[
]] Unix hardware collector.             "Where are your PEZ?" The Tick  [[
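
An added example, not part of the original message: a small shell function for auditing a machine for setuid or setgid files whose names look like script interpreters, such as the sperl4.036 binary in the listing above. The function name find_setid_interpreters and the list of interpreter name patterns are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original message): report setuid/setgid
# regular files whose basename looks like a script interpreter.
# The name patterns below are an assumption; extend them for your systems.

find_setid_interpreters() {
    # -perm -4000 matches files with the setuid bit set,
    # -perm -2000 matches files with the setgid bit set.
    find "$@" -type f \( -perm -4000 -o -perm -2000 \) 2>/dev/null |
    while IFS= read -r path; do
        # Match on the basename only, so directory names do not matter.
        case "${path##*/}" in
            sperl*|suidperl*|perl*|python*|ruby*|tclsh*|wish*|\
            sh|bash|csh|tcsh|ksh|zsh|awk|gawk)
                # Show mode, owner and group in the same form as the
                # listing in the message.
                ls -ld "$path"
                ;;
        esac
    done
}

# When called with directory arguments, audit those directories,
# e.g.: sh audit.sh /bin /usr/bin /usr/local/bin
if [ "$#" -gt 0 ]; then
    find_setid_interpreters "$@"
fi
```

Any line this prints is a candidate for removing the setuid bit or the file itself, as the message describes doing on public machines.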