/usr/spool/mail

utzoo!decvax!ucbvax!unix-wizards utzoo!decvax!ucbvax!unix-wizards
Sat Sep 5 00:15:36 AEST 1981


>From MathStat.jmrubin at Berkeley Sat Sep  5 00:05:05 1981
	From csvax:unix-wizards Thu Sep  3 10:30:20 1981
	Subject: Re: /usr/spool/mail
	Newsgroups: fa.unix-wizards
	>From menlo70!hao!woods at Berkeley Thu Sep  3 10:21:02 1981
	
	  Perhaps this is my ignorance showing through, but I don't see how 
	having /usr/spool/mail writable can allow you to become the super-user.
	Perhaps you could illegally read other's mail, but...
	
	P.S. Ours is not writable.
	
	             GREG (ucbvax!menlo70!hao!woods)
	
	
	
	
	I believe what is being referred to is the following:
Suppose that /etc and /usr/spool/mail are on the same disk (which is
extremely likely.)  Link /etc/passwd to somebody's mailbox.  (remove
an empty one if necessary).  Then, mail a line like:
abc::0:2::/:
to said mailbox. Now, % su abc
You're user id will be set to 0--you are root.
	Of course, the first thing you will want to do is to remove as
much of the evidence that you can.



More information about the Comp.unix.wizards mailing list