Vulnerability Development mailing list archives
Re: volcheck and sol 8
From: arboi () BIGFOOT COM (Michel Arboi)
Date: Thu, 20 Jul 2000 22:20:39 +0200
"MP" == Matthew Potter <mpotter () ATPCO COM> writes:
MP> Anyone notice when they insert their goodies CD(the one with MP> the GNU Tools) from Solaris 8 that it auto runs a script MP> called volstart. Which user is running volstart? root? MP> So what happens if I make my own CD with a little shell script MP> which calls a prebuilt binary with a setuid and setgid 0 , MP> then system("/bin/sh").... or what ever i want. I am not sure there is a way to set the setUID bit on a CD (are UFS CD still supported?), however, you may not need this. MP> It's silly since i have physical access anyways.... This way, you can send a CD with a trojan horse. Funny... This is a classical trick on Windows. "Always disable the autorun feature" :) -- mailto:arboi () bigfoot com http://www.bigfoot.com/~arboi/ GPG Public keys: http://www.bigfoot.com/~arboi/pubkey.txt
Current thread:
- Re: volcheck and sol 8 Dimitry Andric (Jul 20)
- <Possible follow-ups>
- Re: volcheck and sol 8 Michel Arboi (Jul 20)
- Re: volcheck and sol 8 Matthew Potter (Jul 20)
- Re: volcheck and sol 8 Marius Banica (Jul 20)
- Re: volcheck and sol 8 Jeffrey Karpenko (Jul 21)
- Re: volcheck and sol 8 Havens, Peter (Jul 21)
- Re: volcheck and sol 8 Michel Arboi (Jul 21)
- Re: volcheck and sol 8 Sarel J. Botha (Jul 23)
- Re: volcheck and sol 8 Brian Scanlan (Jul 24)