Vulnerability Development mailing list archives
Re: redhat 6.1 mail
From: lmpinto () STUDENT DEI UC PT (Luis Pinto)
Date: Thu, 23 Mar 2000 18:28:40 +0000
On Mon, 20 Mar 2000, jan bakker wrote:
hello fello root's,
one day i found that redhat 6.1 takes not only suid bits but also guid.
you are owner of your mail file but it still belongs to the group mail
so
void(){
set suid bit to user;
set guid bit to 6;
}
Excuse me, how do you think you can do the above without being
root, and without belonging to the mail group?
now you can read other people mail but, 6 is lower than 15 so at some systems you can add new users !!! even a root user !!!
Huh?
Regards,
Luis Pinto
-----------------------------------------------
http://student.dei.uc.pt/~lmpinto ICQ #15663369
-----------------------------------------------
"Open source software - with no walls and fences,
who needs Windows and Gates?"
Current thread:
- redhat 6.1 mail jan bakker (Mar 20)
- Re: redhat 6.1 mail H D Moore (Mar 22)
- Re: redhat 6.1 mail Michal Zalewski (Mar 24)
- Re: redhat 6.1 mail Christopher Rhodes (Mar 24)
- Re: redhat 6.1 mail Luis Pinto (Mar 23)
- Re: redhat 6.1 mail H D Moore (Mar 22)