Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq: Re: Environment variables (SECURITY: too many new packages)

Re: Environment variables (SECURITY: too many new packages)

From: Edward John Brocklesby <ejb_at_CYBERSPACE.ORG>
Date: Wed, 1 Jul 1998 11:18:23 -0400

Hi,

>will I assume be issuing identical updates) might like to take a look
>at how their own OS handles pointing the following at files only root
>can read and running setuid apps. (or setgid usage in some cases such as
>Mutt)

On NetBSD, and perhaps other OS's, the file ~/.termcap is also checked,
so ln -s /etc/master.passwd ~/.termcap could get the root password
(I haven't tested this myself)

-ejb
Received on Jul 01 1998

This message: [ Message body ]
Next message: Pavel Kankovsky: "Re: Environment variables (SECURITY: too many new packages)"
Previous message: Darren Reed: "non-exec stacks on solaris."
Next in thread: Pavel Kankovsky: "Re: Environment variables (SECURITY: too many new packages)"
Maybe reply: Pavel Kankovsky: "Re: Environment variables (SECURITY: too many new packages)"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]