Crackers and Worms

Doug Gwyn gwyn at smoke.BRL.MIL
Fri Nov 18 14:19:27 AEST 1988


In article <1308 at zippy.eecs.umich.edu> cja at crim.eecs.umich.edu (Charles J. Antonelli) writes:
>consider the statement contradicted.  daemon is just another non-root uid.

Not quite right.  Several "system" UIDs/GIDs can be exploited to cause
a variety of unanticipated actions, some of which can eventually yield
superuser access rights.  The cron system is an obvious candidate for
this since at some point a superuser-privileged process handles the
files.

Even a system administrator or programmer's account may be enough to
sneak a Trojan horse into a system, which can if it wishes wait until
invoked by UID 0 to do further mischief.
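
The following audit is an added example, not part of the original post: it checks whether files a root-privileged process handles, and every directory above them, are owned by a trusted UID and not writable by group or other. The function name `audit_path` and the cron locations in the `__main__` section are assumptions chosen for illustration.

```python
import os
import stat

def audit_path(path, trusted_uids=frozenset({0}), stop_at="/"):
    """Check `path` and each ancestor directory up to `stop_at`.

    Returns (path, reason) findings for anything a non-trusted UID could
    modify or replace before a root-privileged process reads or runs it.
    """
    findings = []
    current = os.path.abspath(path)
    stop_at = os.path.abspath(stop_at)
    while True:
        st = os.lstat(current)  # lstat: inspect a link itself, not its target
        if stat.S_ISLNK(st.st_mode):
            findings.append((current, "symbolic link; audit its target as well"))
        else:
            if st.st_uid not in trusted_uids:
                findings.append((current, f"owned by uid {st.st_uid}"))
            if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
                mode = stat.S_IMODE(st.st_mode)
                findings.append((current, f"group/other writable (mode {mode:04o})"))
        parent = os.path.dirname(current)
        if current == stop_at or parent == current:
            break
        # Write access to a directory allows replacing the entries inside it,
        # so every ancestor matters as much as the file itself.
        current = parent
    return findings

if __name__ == "__main__":
    # Assumed cron locations; adjust to the paths your system actually uses.
    for target in ("/etc/crontab", "/etc/cron.d", "/var/spool/cron"):
        if os.path.lexists(target):
            for where, why in audit_path(target):
                print(f"{target}: {where}: {why}")
```

The check is deliberately conservative: it reports any group write bit, including on directories owned by a system group, since those are the "system" GIDs the post refers to.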


