[19166] in bugtraq


Re: vixie cron possible local root compromise

daemon@ATHENA.MIT.EDU (Peter van Dijk)
Mon Feb 12 22:19:41 2001

Mail-Followup-To: BUGTRAQ@SECURITYFOCUS.COM
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Message-Id:  <20010212194738.B55386@dataloss.nl>
Date:         Mon, 12 Feb 2001 19:47:38 +0100
Reply-To: Peter van Dijk <peter@DATALOSS.NL>
From: Peter van Dijk <peter@DATALOSS.NL>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <5.0.2.1.2.20010211003607.00a627e8@pop3.lb.hva.nl>; from
              achter05@IE.HVA.NL on Sun, Feb 11, 2001 at 12:38:02AM +0100

On Sun, Feb 11, 2001 at 12:38:02AM +0100, Flatline wrote:
[snip]
> - Quick fix (diff output for crontab.c):
>
> 146c146
> <       strcpy(User, pw->pw_name);
> ---
>  >       strncpy(User, pw->pw_name, MAX_UNAME - 1);
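
Review bot: The replacement at line 146, strncpy(User, pw->pw_name, MAX_UNAME - 1), silently truncates an over-long pw_name instead of rejecting it, so the rest of crontab.c goes on to use a name that is not the caller's. strncpy also writes no terminating NUL when the source is MAX_UNAME - 1 bytes or longer, and this hunk does not set one, so User is only terminated if the buffer happened to be zeroed beforehand. Suggest comparing strlen(pw->pw_name) against the size of User before the copy and exiting with an error when it does not fit, rather than copying a shortened name.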

Uhm, won't the user running crontab then get another user's crontab,
if the 'stripped' username actually exists?

Greetz, Peter.