|
Bugtraq
mailing list archives
Re: Netscape Admin Servers /tmp/deamonstat
From: posse () CORINNE MAC EDU (Corinne Posse)
Date: Wed, 18 Jun 1997 03:02:15 -0000
************** Corinne Posse Security Notice **************
Issue Number 5: 970717
************** http://corinne.mac.edu/posse **************
**** Problem with su on HP/UX 9.00 VIA a dumb-terminal ****
When the shell calling "su" is killed, the user is logged out,
but in-between login prompts, a user can still enter commands as
root.
Affected Sites:
Any HP system running HP/UX 9.00.
Problem:
When a user su's to root and goes idle, the other system administrator
wants to kill the login shell for obvious purposes. Normally, doing
this logs the user out and kills and shells or programs that have been
run from this shell, but this isn't quite the case.
What happens is this: It will appear as if the user has logged out
of his/her dumb-terminal, however there is quite a surprise (or
present) for the next user of tha terminal:
HP/UX 9.00
login: myusername
# ksh: myusername not found
password:
#
login: uptime
9:28PM up 1 day, 58 mins, 6 users, load averages: 0.10, 0.17, 0.21
password:
 By Date 
By Thread
Current thread:
- Re: Core file anomalies under BSDi 3.0, (continued)
Re: Netscape Admin Servers /tmp/deamonstat Corinne Posse (Jun 17)
|
Intro
