Bugtraq mailing list archives
Re: ? Trojan /usr/bin/false ?
From: alan () cableol net (Alan Cox)
Date: Tue, 13 Aug 1996 17:52:15 +0100
(Besides some silly Copyright and Version Information from AT&T). Is there a possibility that through obscure circumstances a user having /bin/false or /bin/true as a login shell ends up with /sbin/sh ?
Just about. If your telnetd/rlogind/su propogates IFS then a user can do IFS=" i" export IFS su i not found or similar error : [they end up in ex] set shell=/sbin/sh !sh
Current thread:
- Re: ? Trojan /usr/bin/false ? Bernd Lehle (Aug 13)
- Re: ? Trojan /usr/bin/false ? Alan Cox (Aug 13)