[10418] in bugtraq

Re: Possible Linuxconf Vulnerability

daemon@ATHENA.MIT.EDU (Neale Banks)
Mon May 3 18:39:29 1999

Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.LNX.4.05.9905032233470.5449-100000@marina.lowendale.com.au>
Date: 	Mon, 3 May 1999 22:41:09 +1000
Reply-To: Neale Banks <neale@LOWENDALE.COM.AU>
From: Neale Banks <neale@LOWENDALE.COM.AU>
X-To:         Desync <desync@nwlink.com>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <372ADB4E.11C469CA@nwlink.com>

On Sat, 1 May 1999, Desync wrote:

[...]
> Obviously, someone would have to remove clock for this to occur. Which
> would conclude that either A) you had incorrect permissions for clock B)
> they had already used some means of another true exploit to cause other
> program to misbehave.

No, this is not "obvious".  Maybe OpenLinux, like Debian, doesn't have a
/sbin/clock? Debian has a /sbin/hwclock, which I suspect has the
functionality Linuxconf is looking for.  The "problem" may well be
Linuxconf _presuming_ the existence of /sbin/clock.

> If someone really wanted to do some damage with physical access to a
> machine, popping a rescue disk set into the drive and rebooting with the
> reset switch would do fine.

Agreed: there is much to be said for the assertion "physical access ==
game over".

Regards,
Neale.
