[8163] in bugtraq
DU 4.0D cdfs bug : xcd eject CDROM, even mounted.
daemon@ATHENA.MIT.EDU (Alexis POLOZOV)
Fri Oct 9 16:32:42 1998
Date: Fri, 9 Oct 1998 09:25:21 PDT
Reply-To: Alexis POLOZOV <koss4u@HOTMAIL.COM>
From: Alexis POLOZOV <koss4u@HOTMAIL.COM>
To: BUGTRAQ@NETSPACE.ORG
Hello,
xcd (CD_Player for CDE users), used for playing of audio CDs "has a side
effect of making xcd's eject button always work, even when the hardware
eject switch is locked."
I would like to add :
Even when a cdfs filesystem is mounted.
Even when a file reading is in progress (cp, ls, find etc.).
Until the system is up.
The author of the program considerated this as a feature.
(See the source code is available into /usr/example/motif/xcd
directory.)
By default, you do NOT need to be root for using this command.
Exploit : eject a mounted CD-ROM with xcd, insert another CDROM and ls
-R into CDROM directory. The system will crash.
DEC is informed about this problem.
Workaround : "chmod" or "setld -d". :)
Alex
______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com
