From owner-freebsd-security  Fri Aug 21 00:03:28 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id AAA20122
          for freebsd-security-outgoing; Fri, 21 Aug 1998 00:03:28 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from time.cdrom.com (time.cdrom.com [204.216.27.226])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id AAA20117
          for <security@freebsd.org>; Fri, 21 Aug 1998 00:03:27 -0700 (PDT)
          (envelope-from jkh@time.cdrom.com)
Received: from time.cdrom.com (jkh@localhost.cdrom.com [127.0.0.1])
	by time.cdrom.com (8.8.8/8.8.8) with ESMTP id AAA29371
	for <security@freebsd.org>; Fri, 21 Aug 1998 00:02:54 -0700 (PDT)
	(envelope-from jkh@time.cdrom.com)
To: security@FreeBSD.ORG
Subject: Scaring the bezeesus out of your system admin as a normal user:
Date: Fri, 21 Aug 1998 00:02:54 -0700
Message-ID: <29367.903682974@time.cdrom.com>
From: "Jordan K. Hubbard" <jkh@time.cdrom.com>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

% logger -p auth.notice -t su crackman to root on ttyp1

I'd suggest that /var/run/log should have 0600 permissions but that
would certainly screw over a few of syslog(3)'s current users.

Hmmmm.  No quick ideas here. :)

- Jordan

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message