[1969] in SIPB_Linux_Development


security hole in Linux-Athena

daemon@ATHENA.MIT.EDU (Erik Nygren)
Sat Jan 3 23:56:59 1998

To: linux-dev@MIT.EDU
Date: Sat, 03 Jan 1998 23:56:44 EST
From: Erik Nygren <nygren@MIT.EDU>


D'oh!!!

Well, there's a nice, happy security hole in Linux-Athena
that fairly easily allows anyone who can log into
the machine to execute commands as arbitrary users.
Basically, attach.conf doesn't have anywhere near enough
constraints on where you can attach file systems.
We really should put far more regexps in there
than are there right now.  As a simple example,
create a directory in AFS containing a cron file named root
that does something and then attach the dir as /var/spool/cron
and watch your command execute a minute later as root...

It would be great if someone could build new packages
for Linux-Athena 4.0 and 4.2 and then suggest that people
upgrade to the new packages.

	Erik
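
A sketch of the kind of default-deny mountpoint constraint the message asks for, added here as an example; it is not part of the original message and not Linux-Athena code. The pattern list, function names and sample paths are hypothetical, and the policy format is not attach.conf syntax.

```python
import posixpath
import re

# Hypothetical policy, not real attach.conf syntax: a mountpoint is refused
# unless its normalized path fully matches one of these patterns.
ALLOWED_MOUNTPOINTS = [
    re.compile(r"/mit/[A-Za-z0-9._-]+"),
]


def normalize(path):
    """Return the lexically normalized absolute path, or None if unusable."""
    if not path.startswith("/") or "\x00" in path:
        return None
    norm = posixpath.normpath(path)
    # POSIX lets normpath keep a leading "//"; collapse it to a single "/".
    if norm.startswith("//"):
        norm = "/" + norm.lstrip("/")
    return norm


def mountpoint_allowed(path, allowed=ALLOWED_MOUNTPOINTS):
    """Default-deny check for a user-requested mountpoint."""
    norm = normalize(path)
    if norm is None:
        return False
    # fullmatch, so a pattern cannot be satisfied by a prefix of the path.
    return any(p.fullmatch(norm) for p in allowed)


def audit(requests):
    """Map each requested mountpoint to True (allowed) or False (refused)."""
    return {r: mountpoint_allowed(r) for r in requests}


# Constructed sample requests, including the mountpoint from the message.
SAMPLE_REQUESTS = [
    "/mit/sipb",
    "/var/spool/cron",
    "/mit/../var/spool/cron",
    "/mit/sipb/../../etc",
    "mit/sipb",
    "/mit/sipb/",
]

if __name__ == "__main__":
    for req, ok in audit(SAMPLE_REQUESTS).items():
        print(f"{'allow ' if ok else 'refuse'} {req}")
```

The check is lexical only; it assumes the caller separately makes sure that no component of an allowed mountpoint is a symlink the requesting user controls.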
