Bugtraq mailing list archives

/usr/lib/utmp_update musings

From: paul () argo demon co uk (Paul Ashton)
Date: Tue, 23 May 95 21:42 BST


As nobody yet seems to have pointed out: it is trivial to change a utmp
slot to show root or anybody in the entry for a slot pointing to ../tmp/x
as the device, as long as you make a symlink in /tmp/x to point to a
validly owned device that responds to a TCGETA ioctl. Surely this
brings a multitude of problems with it (it did get me root with in.comsatd
in a rather far-fetched way)?

Cheers,
Paul

Current thread:

Muffett's AuotHack Julian Assange (May 22)
- Re: Muffett's AuotHack Karl Strickland (May 22)
- Re: Muffett's AuotHack Jas (May 22)
  - Re: Muffett's AuotHack Dave Horsfall (May 22)
  - Muffett's AuotHack Alec Muffett (May 23)
    - Re: Muffett's AuTOHack + [8lgm] sendmail advisory Neil Woods (May 23)
    - /usr/lib/utmp_update musings Paul Ashton (May 23)
  - Re: Muffett's AuotHack Karl Strickland (May 23)
- Muffett's AuotHack Scott D. Yelich (May 22)
- <Possible follow-ups>
- Re: Muffett's AuotHack Tim Scanlon (May 23)
- Re: Muffett's AuotHack andy () btc uwe ac uk (May 23)
  - Re: Muffett's AuotHack Pat Wilson (Dec 13)
- Re: Muffett's AuotHack Karl Strickland (May 23)
- Re: Muffett's AuotHack Tim Scanlon (May 23)