Bugtraq mailing list archives
/usr/lib/utmp_update musings
From: paul () argo demon co uk (Paul Ashton)
Date: Tue, 23 May 95 21:42 BST
As nobody yet seems to have pointed out: it is trivial to change a utmp slot to show root or anybody in the entry for a slot pointing to ../tmp/x as the device, as long as you make a symlink in /tmp/x to point to a validly owned device that responds to a TCGETA ioctl. Surely this brings a multitude of problems with it (it did get me root with in.comsatd in a rather far-fetched way)? Cheers, Paul
Current thread:
- Muffett's AuotHack Julian Assange (May 22)
- Re: Muffett's AuotHack Karl Strickland (May 22)
- Re: Muffett's AuotHack Jas (May 22)
- Re: Muffett's AuotHack Dave Horsfall (May 22)
- Muffett's AuotHack Alec Muffett (May 23)
- Re: Muffett's AuTOHack + [8lgm] sendmail advisory Neil Woods (May 23)
- /usr/lib/utmp_update musings Paul Ashton (May 23)
- Re: Muffett's AuotHack Karl Strickland (May 23)
- Muffett's AuotHack Scott D. Yelich (May 22)
- <Possible follow-ups>
- Re: Muffett's AuotHack Tim Scanlon (May 23)
- Re: Muffett's AuotHack andy () btc uwe ac uk (May 23)
- Re: Muffett's AuotHack Pat Wilson (Dec 13)
- Re: Muffett's AuotHack Karl Strickland (May 23)
- Re: Muffett's AuotHack Tim Scanlon (May 23)