[100844] in RedHat Linux List
Re: Hacked! :(
daemon@ATHENA.MIT.EDU (bsc@klondike.ml.org)
Mon Nov 23 14:13:02 1998
From: bsc@klondike.ml.org
Date: Mon, 23 Nov 1998 11:11:54 -0800
To: redhat-list@redhat.com
In-Reply-To: <3659AF52.9D1B961A@iname.com>; from Jan Carlson on Mon, Nov 23, 1998 at 01:54:10PM -0500
Resent-From: redhat-list@redhat.com
Reply-To: redhat-list@redhat.com
On Mon, Nov 23, 1998 at 01:54:10PM -0500, Jan Carlson wrote:
> A hole that gives you access to shadow without giving you root access
> first would be doing things the hard way - has anybody heard of one?
Older versions of Xfree, if abused, could read portions of any file on
the fs. Before I upgraded to the _more_ secure version of X, I attempted to
read /etc/shadow. Voila, there it was.
Blair.
--
--- end ---
Blair Craft
bsc@klondike.ml.org
http://www.klondike.ml.org/~bsc
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com http://archive.redhat.com
To unsubscribe: mail redhat-list-request@redhat.com with
"unsubscribe" as the Subject.
