SECURITY BUG IN INTERACTIVE UNIX SYSV386
Rob Healey
rhealey at digibd.com
Fri Feb 22 08:51:28 AEST 1991
In article <1991Feb15.134715.16979 at virtech.uucp> cpcahil at virtech.uucp (Conor P. Cahill) writes:
> 2. I wholeheartedly DISAGREE with you posting the source code which
> performs the security bypass. You could have just posted the
> uuencoded binary which would have been enough to prove your point
> without making it extremely easy for any two bit user to obtain
> privileged access. Yes a dedicated hacker could have decoded
> your explanation and/or the binary and figured out how to replicate
> your code, but the number of those is MUCH less than the number
> of people who can now violate the security of the system using
> your posted code.
>
> POSTING THE CODE WAS DEAD WRONG.
>
Ummm, how many people out there are willing to run a uuencoded
BINARY on your system that reportedly will have root access
while it is running? Can you say MASSIVE virus possibility?
How could all the other OS's have DEFINITIVELY checked for the
error assuming the supposedly ABI systems weren't quite?
POSTING THE CODE WAS THE DEAD RIGHT THING TO DO.
As a responsible sys. admin I would NEVER run a binary of that
type without CAREFULLY examining the source code first. The chance
for a VIRUS is just too great. I can always pull my modems and
"lash" offending users. Once a virus is planted into my system
with a binary how do I flush it out FOR SURE?
'Nuff said,
-Rob
Speaking for self, not company.