On Mon, 29 Jun 1998, Niall Smart wrote: > On Jun 26, 8:41am, Tim Newsham wrote: > } Subject: Re: Vulnerability in 4.4BSD Secure Levels Implementation > > > > > > - The syslogd daemon can be covertly compromised, so no useful > > > information ever gets logged to the protected system logs. But at > > > least no-one can modify the useless information. > > > > Be smart, niall, syslog can only be compromised after the system > > has been compromised. uhm, not necessarily. The pinelock.csh script I wrote around 12/97 and posted to bugtraq could kill syslogd if root opens up two sessions of pine. It is a local exploit. http://kepler.poly.edu/~rharri01 iconoclastat_private -Iconoclast
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:00:55 PDT