bug in su (Slackware 3.4)

From: Peter van Dijk (peterat_private)
Date: Sun Mar 15 1998 - 09:32:26 PST

Next message: Bill Becker: "Re: BSD/OS 3.0 config_anonftp script"

Previous message: Peter van Dijk: "/tmp race in Linux kernel source!"
Next in thread: Martin Schulze: "Re: bug in su (Slackware 3.4)"
Reply: Martin Schulze: "Re: bug in su (Slackware 3.4)"
Reply: Martin Schulze: "Re: bug in su (Slackware 3.4)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

If sulog file logging is enabled in /etc/login.defs (shadowing installed!)
and su has never been used, a user can set his umask to 0 and then run su.
/var/log/sulog will then be created mode 666, which means user can use su
to try lots of passwords and then, when done, do something like
cat /dev/null > /var/log/sulog
and clear out the logfile.
Same goes for sudo.
Note: everything will still be logged in syslog (unless disabled!)

Greetz, Peter.

------------------------------------------------------------------------------
 'Selfishness and separation have led me to   .      Peter 'Hardbeat' van Dijk
  to believe that the world is not my problem .    network security consultant
  I am the world. And you are the world.'     .               (yeah, right...)
          Live - 10.000 years (peace is now)  .        peterat_private
------------------------------------------------------------------------------
  6:25pm  up 1 day,  4:22,  5 users,  load average: 0.69, 0.22, 0.07
------------------------------------------------------------------------------

Next message: Bill Becker: "Re: BSD/OS 3.0 config_anonftp script"
Previous message: Peter van Dijk: "/tmp race in Linux kernel source!"
Next in thread: Martin Schulze: "Re: bug in su (Slackware 3.4)"
Reply: Martin Schulze: "Re: bug in su (Slackware 3.4)"
Reply: Martin Schulze: "Re: bug in su (Slackware 3.4)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:46:22 PDT