Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Kill the DOG and win 100 000 DM

From: //Stany <stany () NOTBSD ORG>
Date: Sun, 5 Nov 2000 21:50:44 -0500
On Mon, 6 Nov 2000, Jay Tribick wrote:


Actually the easiest way to do it without wading through the compatibility
list is to put the patch(es) on first, and then install Pitbull on top (the
Pitbull installation is set of kernel + user level patches and can be
installed on an already running system.)


Not true.  The installation would complain about the patches installed
being newer then the ones it's installing, and abort the install.   Trust
me, I tried. ;-)


root password is rather useless to give out as even stock Solaris will not
let one to log in over the network as user, same thing is for isso/sa/so
users on PBF MU 3.0, and it's unlikely that there will be any other
accounts.


root doesn't actually have any privileges on a Pitbull system.. he's
just a normal user (out of the box..)


Actually that's not strictly true either - root user has enough
priviledges to allow the system to boot on power on (not the OBP security
levels, but the  PB authentication to let system finish booting up), but
that's about it, yes.


..if anyone would like Jeff Thompsons talk from Defcon 7 on "Hacking B1
Trusted Operating Systems", send me an email and I'll put it up somewhere.


Sure, please.   Knowledge is power, and all that...

Signed:
//Stany
--
+-------+ Stanislav N Vardomskiy - Procurator Odiosus Ex Infernis[TM] +-------+
| "Backups we have; it's restores that we find tricky." Richard Letts at ASR  |
| This message is powered by JOLT!  For all the sugar and twice the caffeine. |
+--------+ My words are my own.  LARTs are provided free of charge. +---------+
Previous By Date Next
Previous By Thread Next

Current thread: