Bugtraq mailing list archives
Re: bin ownership problem
From: Brad.Powell () ebay sun com ( Brad Powell - Sun CIS)
Date: Thu, 19 May 94 10:12:22 PDT
A prime example is /usr/games/chesstool on sunos 4.1.x machines. It came setuid bin for some unknown reason (I have this theory there is someone assigned at sun to just put random permissions on programs before they hit the cd :-). Well, if you pop up sunview which is needed to run this, you can get any program you want run as user bin. And guess what, /etc is owned by bin on a standard install.
We had to change the setuid to bin when we changed the ownership of /etc to bin. Otherwise you couldn't use chesstool to break root :-) :-) (that was a joke for the smiley impaired btw)

Seriously though, this was done so that it could write a high score file. STUPID idea I know, but back a dozen years or so ago life was simpler, the grass was greener, and system-crackers were rare. :-)

The late 70's and 80's were the years when the emphasis was on getting every computer system to talk to and work with every other computer system. Now in the 90's we are trying to shut them up. :-0

Lesson: Watch out for setuid/setgid programs that allow a shell escape :-) :-\ :-|

=======================================================================
Brad Powell : brad.powell () Sun COM    |
                                        |
Full Time: Sr. Network Security Analyst |Part time: Cyberspace PI
ENS Network Security Group              | and Consultant
Sun Microsystems Inc.                   |
=======================================================================
The views expressed are those of the author and may not reflect
the views of Sun Microsystems Inc.
=======================================================================
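An audit for the condition this thread describes, as an added example that is not part of the original post: it lists setuid/setgid programs whose granted identity is not root but owns, or can write through its group, a directory such as /etc. The Entry record, the function names and the default paths (/usr, /etc) are assumptions of this example.

```python
import os
import stat
from collections import namedtuple

# One filesystem object: path, st_mode, owner uid, group gid.
Entry = namedtuple("Entry", "path mode uid gid")

def scan(root):
    """Yield an Entry for every regular setuid or setgid file under root."""
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)          # lstat: do not follow symlinks
            except OSError:
                continue                     # vanished or unreadable entry
            special = st.st_mode & (stat.S_ISUID | stat.S_ISGID)
            if stat.S_ISREG(st.st_mode) and special:
                yield Entry(path, st.st_mode, st.st_uid, st.st_gid)

def findings(programs, sensitive):
    """Return (program, directory, reason) for each program whose granted
    identity controls a sensitive directory.

    A setuid-root program is skipped on the owner check: it is already root,
    so it says nothing about a non-root account being root-equivalent.
    """
    out = []
    for p in programs:
        for d in sensitive:
            if p.mode & stat.S_ISUID and p.uid != 0 and p.uid == d.uid:
                # The owner can always chmod the directory, so the write
                # bit on the directory is not checked here.
                out.append((p.path, d.path, "setuid owner owns directory"))
            elif p.mode & stat.S_ISGID and p.gid == d.gid and d.mode & stat.S_IWGRP:
                out.append((p.path, d.path, "setgid group can write directory"))
    return out

if __name__ == "__main__":
    dirs = []
    for path in ("/etc",):                   # assumed list; extend as needed
        st = os.stat(path)
        dirs.append(Entry(path, st.st_mode, st.st_uid, st.st_gid))
    for prog, directory, reason in findings(scan("/usr"), dirs):
        print(prog, directory, reason, sep="\t")
```

Any hit means a compromise of that one program reaches the directory, so either drop the setuid/setgid bit or move the directory's ownership to root.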