Date: Sat, 16 Sep 1995 10:00:25 +0200 (MET DST) From: Piero Serini <piero@strider.ibenet.it> To: nate@rocky.sri.MT.net (Nate Williams) Cc: security@Freebsd.org, core@Freebsd.org Subject: Re: forwarded message from Grant Haidinyak Message-ID: <199509160800.KAA05308@strider.ibenet.it> In-Reply-To: <199509152018.OAA17249@rocky.sri.MT.net> from "Nate Williams" at Sep 15, 95 02:18:06 pm
next in thread | previous in thread | raw e-mail | index | archive | help
Hello. Quoting from Nate Williams (Fri Sep 15 22:18:06 1995): > [ Quick background. Grant has been experiencing a bug whereby folks are > re-connected to login which were abruptly dis-connected from a machine. > This is a *HUGE* security hole if it is indeed true. ] ... Yes it is. It was so in 2.0.0-SNAP950322, and was reported at least 4 months ago. It can be repeated by (on 2.0.0-SNAP): - login - startx - run 'su' and an xterm from there - write down the pty # - hit ctrl-alt-delete - from another machine, telnet into yours until your pty is = the one you wrote down - play with the root shell. Even comands go the the root shell, odd ones to yours I think. Bye, -- # $Id: .signature,v 1.12 1995/08/14 12:10:54 piero Exp $ Piero Serini Via Giambologna, 1 <Piero@Free.IT> I 20136 Milano - ITALY
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199509160800.KAA05308>