Date: Thu, 10 Sep 1998 13:44:03 -0400 (EDT) From: Snob Art Genre <benedict@echonyc.com> To: Jay Tribick <netadmin@fastnet.co.uk> Cc: security@FreeBSD.ORG Subject: Re: cat exploit Message-ID: <Pine.GSO.4.02.9809101342480.6345-100000@echonyc.com> In-Reply-To: <Pine.BSF.3.96.980910174455.1831g-100000@bofh.fast.net.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 10 Sep 1998, Jay Tribick wrote: > That's exactly what I was saying - just for example, say your installing > something as root you usually cat the file INSTALL to find out what > you need to do - it would be relatively simple to embed a command > in there to just rm -rf / & your hd! 1) No, you use less. 2) So you've figured out how to execute arbitrary commands from this? I'm not saying that's not possible, but so far the only thing this "bug" does is output the name of xterm. Ben "You have your mind on computers, it seems." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.02.9809101342480.6345-100000>