Bugtraq mailing list archives
Re: Security Info (root broken) (fwd)
From: neil () legless demon co uk (Neil Woods)
Date: Sun, 9 Oct 1994 16:14:27 +0100 (GMT+0100)
I dont know about you guys but having used and proved all of the binmail exploit scripts the quick and dirty fix for them is put this in rc.local: /bin/touch /usr/spool/mail/root /bin/touch /usr/spool/mail/sysdiag /bin/touch /usr/spool/mail/sundiag /bin/touch /usr/spool/mail/[any other uid 0 acct]
It's advisable to do the same for non uid 0 accounts too, particularly ones that can offer improved chances of breaking root. Source to create mailboxes for all users was included in advisory [8lgm]-Advisory-5.UNIX.mail.24-Jan-1992. Neil P.S. I don't want to see any censorship of bugtraq. Delete what you don't want to see, it's easily done. I'd be even more bored with life if everyone did as I saw fit! -- Bull in the Heather, Me and My Charms, The Lights, Sensual World, Go, Ritual, Handsome and Gretel, Take Me, Blue Room, Drunken Butterfly, She's Lost Control. ...like a badger with an afro throwing sparklers at the Pope...
Current thread:
- Re: Security Info (root broken) (fwd) Neil Woods (Oct 09)