who

From: Paul Boehm (paulat_private)
Date: Tue Jul 28 1998 - 11:27:21 PDT

Next message: Paul Boehm: "netscape mail overflow(another one)"

Previous message: Chris Wedgwood: "Re: Fwd: Any user can panic OpenBSD machine"
Next in thread: Paul Boehm: "Re: who"
Reply: Paul Boehm: "Re: who"
Reply: Alan Cox: "Re: who"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,
the 'who' program is on some systems in a privileged group
which is allowed to read utmp. On redhat linux 5.1 you can
easily crash who by many different ways (e.g. try who /bin/bash)
on freebsd you can use it to view parts of the content of files that
privileged group may read(try who /privileged/group/file).

this is no big deal with security, but gaining a more privileged group
sometimes may be the key to root compromise.

bye,
    pb

--

[ Paul S. Boehm | paulat_private | http://paul.boehm.org/ | infected@irc ]

Money is what gives a programmer his resources. It's an exchange system created
by human beings. It surrounds us. Works for us, binds the economy together.

Next message: Paul Boehm: "netscape mail overflow(another one)"
Previous message: Chris Wedgwood: "Re: Fwd: Any user can panic OpenBSD machine"
Next in thread: Paul Boehm: "Re: who"
Reply: Paul Boehm: "Re: who"
Reply: Alan Cox: "Re: who"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:09:30 PDT