Vulnerability Development mailing list archives
Re: redhat 6.1 mail
From: lmpinto () STUDENT DEI UC PT (Luis Pinto)
Date: Thu, 23 Mar 2000 18:28:40 +0000
On Mon, 20 Mar 2000, jan bakker wrote:
hello fello root's, one day i found that redhat 6.1 takes not only suid bits but also guid. you are owner of your mail file but it still belongs to the group mail so void(){ set suid bit to user; set guid bit to 6; }
Excuse me, how do you think you can do the above without being root, and without belonging to the mail group?
now you can read other people mail but, 6 is lower than 15 so at some systems you can add new users !!! even a root user !!!
Huh? Regards, Luis Pinto ----------------------------------------------- http://student.dei.uc.pt/~lmpinto ICQ #15663369 ----------------------------------------------- "Open source software - with no walls and fences, who needs Windows and Gates?"
Current thread:
- redhat 6.1 mail jan bakker (Mar 20)
- Re: redhat 6.1 mail H D Moore (Mar 22)
- Re: redhat 6.1 mail Michal Zalewski (Mar 24)
- Re: redhat 6.1 mail Christopher Rhodes (Mar 24)
- Re: redhat 6.1 mail Luis Pinto (Mar 23)
- Re: redhat 6.1 mail H D Moore (Mar 22)