Bugtraq mailing list archives
Re: HP-UX Problem...
From: andrewh () cs hmc edu (Andrew Hughes)
Date: Mon, 20 Feb 1995 13:29:32 -0800 (PST)
Did HP ever fix the diagnostic program that was SUID root, and would read any file as a directive file? I found it amusing to run this, and have it report "blah is unrecognized" for each line, where "blah" is the contents of each line, one at a time, of any system file, regardless of ownership and mode ;-) I told the HP rep that came in to do some performance tuning for us, but I don't know what he did or did not do about it.
Assuming you're talking about sysdiag with the "usefile" command, it seems to have been fixed as of DUI Version A.02.24, if not before (I'm just going by the version info it prints out when run). You get a SECURITY VIOLATION error message or some such if you try to look at afile you shouldn't. :-) AndrewH
Current thread:
- mail.local.c patch Jon Peatfield (Feb 18)
- MAILING REQUEST Anonymous the XXIIV (Feb 18)
- Re: mail.local.c patch Neil Woods (Feb 18)
- Re: mail.local.c patch Christopher Samuel (Feb 20)
- HP-UX Problem... Mr Martin J Hargreaves (Feb 19)
- Re: HP-UX Problem... Aaron Sherman (Feb 20)
- Re: HP-UX Problem... Andrew Hughes (Feb 20)
- Bugtraq mailing list William B. Chmura (Feb 21)
- fcntl() file locking under Solaris 2.4 Jas (Feb 21)
- Re: fcntl() file locking under Solaris 2.4 Jas (Feb 22)
- snooper watchers Ben Taylor (Feb 22)
- Re: snooper watchers Eric Conrad (Feb 22)
- Re: snooper watchers Ben Taylor (Feb 22)
- CERT Advisory CA-95:05.sendmail.vulnerabilities (fwd) Paul 'Shag' Walmsley (Feb 22)
- Re: CERT Advisory CA-95:05.sendmail.vulnerabilities (fwd) Dave Schweisguth (Feb 23)
- Sendmail 8.6.9 security hole Igor V. Semenyuk (Feb 22)
- Re: Sendmail 8.6.9 security hole Christopher Samuel (Feb 23)
- Re: HP-UX Problem... Aaron Sherman (Feb 20)