David Cushing said: > I was able to reproduce this on a Solaris 8 sparc machine with > different tolerances: > > [288] uname -a > SunOS hostname 5.8 Generic_108528-08 sun4u sparc SUNW,Ultra-60 > [289] /usr/dt/bin/dtterm -tn `perl -e 'print "A"x1083'` > Segmentation Fault(coredump) > [297] /usr/dt/bin/dtterm -tn `perl -e 'print "A"x2083'` > Bus Error(coredump) Although the above is indeed the case: # uname -a SunOS hostname 5.8 Generic_108528-07 sun4u sparc SUNW,Sun-Fire # ls -l /usr/dt/bin/dtterm -r-xr-xr-x 1 bin bin 47312 Dec 2 1999 /usr/dt/bin/dtterm # egrep dtterm SUNWdtbas/pkgmap 1 f none dt/bin/dtterm 0555 bin bin 47312 21292 944116615 1 f none dt/config/dtterm.tc 0444 bin bin 696 54239 944111243 1 f none dt/config/dtterm.ti 0444 bin bin 1382 37571 944111243 This means that provided you have a default install, root compromise is not possible on Solaris 8. Regards, Rob -- Sun Microsystems CPRE-EMEA Weave a circle round him thrice, mailto: Rob.Bartlettat_private And close your eyes with holy dread, Tel: +44 1276-455-299 For he on honey-dew hath fed, Mobile: +44 7710-901-702 And drunk the milk of Paradise.
This archive was generated by hypermail 2b30 : Wed Oct 03 2001 - 13:05:29 PDT