[2305] in bugtraq
Re: s-bits disappear ?
daemon@ATHENA.MIT.EDU (Neil Readwin)
Fri Oct 13 22:46:56 1995
Date: Thu, 12 Oct 1995 22:44:00 +0100
Reply-To: Bugtraq List <BUGTRAQ@crimelab.com>
From: Neil Readwin <nreadwin@LONDON.MICROGNOSIS.COM>
X-To: BUGTRAQ@CRIMELAB.COM
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@crimelab.com>
In-Reply-To: <199510111445.OAA00980@visbl.rus.uni-stuttgart.de> from "Bernd
Lehle" at Oct 11, 95 03:45:44 pm
Bernd Lehle writes:
> The following investigation yielded: The s-bits of /sbin/ps, /sbin/su
> and /bin/mail had disappeared.
Last time I saw this was on a SunOS 4 machine. I suspect that one of the
people with root access did an rcp and instead of ~/bin typed ~bin or just
/bin but noone admitted having done so :-)
ObBug:
On some platforms tip will follow symlinks when reading ~/.tiprc,
so 'tip -v' can be used to read non-comment lines in uucp files
like /etc/uucp/Systems (which means any local user can get the uucp
passwords for machines you call).
Neil.
--
nreadwin@micrognosis.co.uk Phone: +1 908 855 1221 x519
Anything is a cause for sorrow that my mind or body has made
