[3753] in bugtraq
Re: Solaris 2.x Vulnerability [/usr/vmsys/bin/chkperm]
daemon@ATHENA.MIT.EDU (Paul B. Henson)
Thu Dec 5 17:59:03 1996
Date: Thu, 5 Dec 1996 14:32:59 -0800
Reply-To: pbhenson@csupomona.edu
From: "Paul B. Henson" <henson@intranet.csupomona.edu>
X-To: tthacker@mtc.iitri.com
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To: <9612052153.AA28796@mtc.iitri.com> (message from Terrell Thacker
on Thu, 05 Dec 1996 16:53:56 -0500 (EST))
> You could create the link (to .rhosts in the example) using
> the <gibberish characters> file name created by chkperm
> and accomplish the same result.
Tried that. It just created a file with an additional gibberish character
in it instead of following the link :)... Also, the gibberish file, while
owned by bin, has perms 644, not 666, on my system.
--
Paul Henson | System Administrator | Cal Poly Pomona | (909) 869-3781
pbhenson@csupomona.edu | finger henson@brick.dce.csupomona.edu for PGP key
