[4805] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Problem in dxterm (ULTRIX)

daemon@ATHENA.MIT.EDU (Trevor Schroeder)
Thu Jun 26 13:37:15 1997

Date: 	Thu, 26 Jun 1997 10:16:05 -0500
Reply-To: Trevor Schroeder <tschroed@CHEETAH.WSC.EDU>
From: Trevor Schroeder <tschroed@CHEETAH.WSC.EDU>
To: BUGTRAQ@NETSPACE.ORG

On ULTRIX 4.4 (most likely 4.5 as well), there's an enhanced xterm called
dxterm.  Normally it's setuid (doh!).  dxterm allows users to select a file to
log output to.  It's a trivial matter to link this file to another file and
since dxterm is running as root, it's very easy to append arbitrary data to
any file on the filesystem, even if not owned by the particular user.  It does
not seem to follow symlinks.

____________________________________________________________
"...because this little girl needs stuff."

Trevor Schroeder                    tschroed@cheetah.wsc.edu
------------------------------------------------------------


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[4805] in bugtraq

Problem in dxterm (ULTRIX)

daemon@ATHENA.MIT.EDU (Trevor Schroeder)Thu Jun 26 13:37:15 1997

daemon@ATHENA.MIT.EDU (Trevor Schroeder)
Thu Jun 26 13:37:15 1997