[1199] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: sigh. another Irix 5.2 hole.

daemon@ATHENA.MIT.EDU (Paul 'Shag' Walmsley)
Tue Mar 7 15:11:59 1995

Date: Tue, 7 Mar 1995 12:01:40 -0600 (CST)
From: "Paul 'Shag' Walmsley" <ccshag@cclabs.missouri.edu>
To: anthony baxter <anthony.baxter@aaii.oz.au>
Cc: bugtraq@fc.net
In-Reply-To: <199503070526.PAA06935@alamein>

On Tue, 7 Mar 1995, anthony baxter wrote:

> 
> /usr/sbin/colorview is setuid root, and takes a -text filename 
> option. It reads this as root, and can read any file on the system.
> And, as an added bonus, it gives you a nice little widget with a 
> scrollbar on it so you can page through the file.
> 

This one's about a year old - see the SGI Admin FAQ for this and lots 
of other IRIX security info (finger sgi-faq@viz.tamu.edu for location 
information)


- Paul "Shag" Walmsley <ccshag@cclabs.missouri.edu>
  "I'll drink a toast to bold evolution any day!"


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[1199] in bugtraq

Re: sigh. another Irix 5.2 hole.

daemon@ATHENA.MIT.EDU (Paul 'Shag' Walmsley)Tue Mar 7 15:11:59 1995

daemon@ATHENA.MIT.EDU (Paul 'Shag' Walmsley)
Tue Mar 7 15:11:59 1995