[6371] in bugtraq
Re: bug in su (Slackware 3.4)
daemon@ATHENA.MIT.EDU (Martin Schulze)
Sun Mar 22 15:04:45 1998
Date: Sun, 22 Mar 1998 19:28:08 +0100
Reply-To: Martin Schulze <joey@infodrom.north.de>
From: Martin Schulze <joey@DEBIAN.ORG>
X-To: Peter van Dijk <peter@ATTIC.VUURWERK.NL>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.LNX.3.96.980315182603.24283A-100000@koek.attic.vuurwerk.nl>; from Peter van Dijk on Sun, Mar 15,
1998 at 06:32:26PM +0100
--eVEW9yuYc//A+q3l
Content-Type: text/plain; charset=us-ascii
On Sun, Mar 15, 1998 at 06:32:26PM +0100, Peter van Dijk wrote:
> If sulog file logging is enabled in /etc/login.defs (shadowing installed!)
> and su has never been used, a user can set his umask to 0 and then run su.
> /var/log/sulog will then be created mode 666, which means user can use su
> to try lots of passwords and then, when done, do something like
> cat /dev/null > /var/log/sulog
> and clear out the logfile.
> Same goes for sudo.
> Note: everything will still be logged in syslog (unless disabled!)
I have investigated the problem and it turned out that it exists in
the shadow package from Julianne Frances Haugh, we're using the
snapshot 970616. This probably means that several recent Linux
distributions will be affected, not only Slackware.
Regards,
Joey
--
/ Martin Schulze * joey@infodrom.north.de * 26129 Oldenburg /
/ http://home.pages.de/~joey/
/ VFS: no free i-nodes, contact Linus -- finlandia, Feb '94 /
--eVEW9yuYc//A+q3l
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
iQCVAwUBNRVYNxRNm5Suj3z1AQHCuQQAg8AVtvmIK56CM5bZ+FJOH8eTd59uzJ3v
kP9ZZYL9dAVTG2C+8alDyW+y9l5ZWX/JDWQP+K0bXO0VCyvGExjXnAbzctEIAq+y
mI0OjSHxk/inKvCab2pixUxteTlvnEziaEopyQXoBGsKnFHw5kYrvi+6AVqbfQVN
edBTS3sP/jc=
=kI4M
-----END PGP SIGNATURE-----
--eVEW9yuYc//A+q3l--
