Re: Possible Linuxconf Vulnerability

From: Patrick J. Volkerding (gonzoat_private)
Date: Sat May 01 1999 - 12:03:25 PDT

    On Sat, 1 May 1999, Desync wrote:
    
    > Where do you draw the line between poor system management and exploitable
    > programs? If I set suid root on /bin/bash, is that to say it's an
    > exploit?
    >
    > Obviously, someone would have to remove clock for this to occur. Which
    > would conclude that either A) you had incorrect permissions for clock B)
    > they had already used some means of another true exploit to cause other
    > program to misbehave.
    
    Not necessarily.  Maybe there was never a 'clock' on the system to begin
    with;  since the real 'clock' binary was phased out of the util-linux
    sources a year or so ago, what you get varies by Linux distribution.  On
    Red Hat, 'clock' is a symbolic link to 'hwclock', a newer utility.  On
    Slackware, we continue to maintain a 'clock' binary as part of our
    util-linux package (in addition to the newer 'hwclock').  Other
    distributions may not provide any binary or link for 'clock', relying
    solely on 'hwclock'.
    
    Take care,
    
    Pat
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:44:38 PDT