[2283] in bugtraq
loadmodule hole
daemon@ATHENA.MIT.EDU (Chi-Cheong Weng)
Fri Sep 29 16:32:43 1995
Date: Thu, 28 Sep 1995 20:59:57 PDT
Reply-To: Bugtraq List <BUGTRAQ@crimelab.com>
From: Chi-Cheong Weng <cweng@alantec.com>
X-To: bugtraq@crimelab.com
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@crimelab.com>
Hi I have an interesting question to discuss with you.
On my system (running SunOS 4.1.3), for security reason, eqvload and
evqmod-sun4c.o are removed. But /usr/openwin/loadmodule with suid bit
is still there. I have copied the eqvload and evqmod-sun4c.o from other
machine to my system's /tmp and then ran
/usr/openwin/loadmodule /tmp/evqmod-sun4c.o /tmp/eqvload
the loadmodule complained that it could not find evqmod-sun4c.o and
eqvload under /usr/openwin/modules directory.
My question is: Does loadmodule only look into /usr/openwin/modules directory ?
Can I set up an environment variable to have loadmodule read
the modules form /tmp directory ????
