Re: Little exploit for startup scripts (SCO 5.0.4p).

From: Taneli Leppä (rosmoat_private)
Date: Mon Mar 08 1999 - 08:37:45 PST

Next message: iversen: "Re: More Internet Explorer zone confusion"

Previous message: Georgi Guninski: "Netscape Communicator find() vulnerabilities"
Maybe in reply to: leshka: "Little exploit for startup scripts (SCO 5.0.4p)."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 8 Mar 1999 08:43:15 +0100, Peter van Dijk wrote:

>No. rm -f removes just the symlink, not the target file.

Actually the script won't delete any script, instead
it will overwrite any file:

# S84rpcinit:
# ...
#       /bin/su root -c "/bin/ps -ef" > /tmp/rpc$$ 2>/tmp/rpc.err$$
#       /bin/rm -f /tmp/rpc.err$$

Now if /tmp/rpc$$ was symlinked to another file, it would
be overwritten with output from /bin/ps... right? :-)

Regards,
Taneli
--
| Taneli Leppä <rosmoat_private>, <http://www.rosmo.sektori.com>
| GSM: +358505485242 - Tärkeimmät uutiset: http://uutiset.icon.fi

Next message: iversen: "Re: More Internet Explorer zone confusion"
Previous message: Georgi Guninski: "Netscape Communicator find() vulnerabilities"
Maybe in reply to: leshka: "Little exploit for startup scripts (SCO 5.0.4p)."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:38:15 PDT