Home page logo
/

bugtraq logo Bugtraq mailing list archives

/usr/lib/utmp_update musings
From: paul () argo demon co uk (Paul Ashton)
Date: Tue, 23 May 95 21:42 BST


As nobody yet seems to have pointed out: it is trivial to change a utmp
slot to show root or anybody in the entry for a slot pointing to ../tmp/x
as the device, as long as you make a symlink in /tmp/x to point to a
validly owned device that responds to a TCGETA ioctl. Surely this
brings a multitude of problems with it (it did get me root with in.comsatd
in a rather far-fetched way)?

Cheers,
Paul



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault