Bugtraq mailing list archives

Re: Possible Linuxconf Vulnerability

From: neale () LOWENDALE COM AU (Neale Banks)
Date: Mon, 3 May 1999 22:41:09 +1000


On Sat, 1 May 1999, Desync wrote:

[...]

Obviously, someone would have to remove clock for this to occur. Which
would conclude that either A) you had incorrect permissions for clock B)
they had allready used some means of another true exploit to cause other
program to misbehave.


No, this is not "obvious".  Maybe OpenLinux, like Debian, doesn't have a
/sbin/clock? Debian has a /sbin/hwclock, which I suspect has the
functionality Linuxconf is looking for.  The "problem" may well be
Linuxconf _presuming_ the existence of /sbin/clock.

If someone really wanted to do some damage with physical access to a
machine, popping a rescue disk set into the drive and rebooting with the
reset switch would do fine.


Agreed: there is much to be said for the assertion "physical access ==
game over".

Regards,
Neale.

Current thread:

Re: Possible Linuxconf Vulnerability Desync (May 01)
- Re: Possible Linuxconf Vulnerability Patrick J. Volkerding (May 01)
- Re: Possible Linuxconf Vulnerability Neale Banks (May 03)
- FW: NT Security: Domain user adding self to Domain Admin group. Gary Kalbfleisch (May 03)
- MSIE 5 favicon bug Flavio Veloso (May 03)
- <Possible follow-ups>
- Re: Possible Linuxconf Vulnerability Dan Merillat (May 05)