Date: Thu, 21 Sep 2000 22:32:53 -0400 (EDT) From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> To: "Yuri A. Wolf" <subs@proxy.obk.ru> Cc: freebsd-security@FreeBSD.ORG Subject: I thinked it is fixed Message-ID: <200009220232.WAA10152@khavrinen.lcs.mit.edu> In-Reply-To: <Pine.BSF.4.21.0009220852070.20938-100000@proxy.obk.ru> References: <Pine.BSF.4.21.0009220852070.20938-100000@proxy.obk.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
<<On Fri, 22 Sep 2000 09:26:54 +0700 (NOVST), "Yuri A. Wolf" <subs@proxy.obk.ru> said: > 1. Login normally as root > 2. Do the next > #/usr/bin/login -f userx > Now I'm non-root user 'userx'. > 3. Exit back > $^D > # > Now I'm root, right? But try to do "who", "who am i", "finger", they all > say 'userx'. Don't do that then. (Perhaps login(8) should fail if it's not the session leader. I'm not sure there's actually a way to reliably detect whether it is or not.) -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200009220232.WAA10152>