[7312] in Athena Bugs
xlogin/reactivate security problem
daemon@ATHENA.MIT.EDU (daemon@ATHENA.MIT.EDU)
Thu Mar 14 20:02:02 1991
To: bugs@ATHENA.MIT.EDU, mar@ATHENA.MIT.EDU
Date: Thu, 14 Mar 91 20:01:49 EST
From: John Carr <jfc@ATHENA.MIT.EDU>
I logged into m16-034-16 5 minutes after mhlee logged out. His home
directory was still attached. By running a shell with effective uid
16083, I was able to write to his mode 755 home directory.
/usr/adm/messages recorded no unusual events around the time I logged in.
