Bugtraq mailing list archives

Re: Troff dangerous.

From: peak () ARGO TROJA MFF CUNI CZ (Pavel Kankovsky)
Date: Sun, 25 Jul 1999 15:48:25 +0200


On Fri, 23 Jul 1999, Pawel Wilk wrote:

If you want your system safe,
don't look as root
at manual page.


The dangerous instructions (.pso, .open/.opena) are probably GNU
troff (aka groff) specific. Little (if any) functionality would be
lost if the were removed for the sake of safety.

Nevertheless, this does not imply other implementations must be
absolutely safe: for example, there are probably ways to abuse .so as
well (.so /dev/zero, .so /dev/kmem, .so some-system-fifo...).

--Pavel Kankovsky aka Peak  [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."

Current thread:

Re: ping -R causes kernel panic on a forwarding machine ( 2.2.5 a nd 2 .2.10) Andrej Todosic (Jul 22)
- Re: ping -R causes kernel panic on a forwarding machine ( 2.2.5 a nd 2 .2.10) Richard Bouska (Jul 22)
- Do these patches fix the rpc.cmsd hole? Tim Ramsey (Jul 22)
- L0pht Heavy Industries - AntiSniff Alex Yu (Jul 23)
- Trojan Horse Guard - Cassandra GOLD Release. Jonathan James (Jul 23)
- Troff dangerous. Pawel Wilk (Jul 23)
  - New way to pay in advance for ToorCon '99 in San Diego, California Ben (Jul 24)
  - Re: Troff dangerous. CyberPsychotic (Jul 25)
  - Re: Troff dangerous. Pavel Kankovsky (Jul 25)
    - Re: Troff dangerous. Warner Losh (Jul 27)
  - Re: Troff dangerous. Julian Squires (Aug 02)
    - Re: Troff dangerous. Olaf Kirch (Jul 26)
    - IBM-ERS Security Vulnerability Alert: IBM AIX: Non-root users can cause the system to crash ibm-ers () ERS IBM COM (Jul 26)
- Redhat 6.0 cachemgr.cgi lameness daniel () NEWS GUS NET (Jul 23)
  - Re: Redhat 6.0 cachemgr.cgi lameness Henrik Nordstrom (Jul 25)