From owner-freebsd-stable Mon Jul 12 5: 3:46 1999 Delivered-To: freebsd-stable@freebsd.org Received: from atdot.dotat.org (atdot.dotat.org [150.101.89.3]) by hub.freebsd.org (Postfix) with ESMTP id 99E9A14E2C; Mon, 12 Jul 1999 05:03:21 -0700 (PDT) (envelope-from newton@atdot.dotat.org) Received: (from newton@localhost) by atdot.dotat.org (8.9.3/8.7) id VAA05155; Mon, 12 Jul 1999 21:26:21 +0930 (CST) From: Mark Newton Message-Id: <199907121156.VAA05155@atdot.dotat.org> Subject: Re: 3.x backdoor rootshell security hole To: mike@sentex.net (Mike Tancsa) Date: Mon, 12 Jul 1999 21:26:21 +0930 (CST) Cc: security@FreeBSD.ORG, stable@FreeBSD.ORG In-Reply-To: <4.1.19990712080116.053e4430@granite.sentex.ca> from "Mike Tancsa" at Jul 12, 99 08:05:03 am X-Mailer: ELM [version 2.4 PL25] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Mike Tancsa wrote: > Has anyone looked at the articled below ? Here is a quote, > "The following module was a nice idea I had when playing around with the > proc structure. Load this module, and you can 'SU' without a password. If you have enough privileges to load a module, you have enough privileges to su without a password already (by creating an suid shell, for example) - mark -------------------------------------------------------------------- I tried an internal modem, newton@atdot.dotat.org but it hurt when I walked. Mark Newton ----- Voice: +61-4-1620-2223 ------------- Fax: +61-8-82231777 ----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message