Date: Mon, 24 Jun 1996 17:14:07 -0700 (PDT) From: -Vince- <vince@mercury.gaianet.net> To: Poul-Henning Kamp <phk@FreeBSD.org> Cc: Matthew Jason White <mwhite+@CMU.EDU>, Mark Murray <mark@grumble.grondar.za>, Wilko Bulte <wilko@yedi.iaf.nl>, "Jordan K. Hubbard" <jkh@time.cdrom.com>, guido@gvr.win.tue.nl, hackers@FreeBSD.org, security@FreeBSD.org, ache@FreeBSD.org, Chad Shackley <chad@mercury.gaianet.net>, jbhunt <jbhunt@mercury.gaianet.net> Subject: Re: I need help on this one - please help me track this guy down! Message-ID: <Pine.BSF.3.91.960624171334.21697P-100000@mercury.gaianet.net> In-Reply-To: <1092.835661388@critter.tfs.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 24 Jun 1996, Poul-Henning Kamp wrote: > > Yeah, that's the real question is like if he can transfer the > >binary from another machine and have it work... other people can do the > >same thing and gain access to FreeBSD boxes as root as long as they have > >a account on that machine... > > The binary is an ordinary shell with a setuid bit. Hmmm, how did they get the file into their account with the setuid bit? Vince
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.960624171334.21697P-100000>