mailing list archives
Re: Vulnerability in 4.4BSD Secure Levels Implementation
From: rharri01 () KEPLER POLY EDU (Roger Harrison ?)
Date: Mon, 29 Jun 1998 20:57:37 -0400
On Mon, 29 Jun 1998, Niall Smart wrote:
On Jun 26, 8:41am, Tim Newsham wrote:
} Subject: Re: Vulnerability in 4.4BSD Secure Levels Implementation
- The syslogd daemon can be covertly compromised, so no useful
information ever gets logged to the protected system logs. But at
least no-one can modify the useless information.
Be smart, niall, syslog can only be compromised after the system
has been compromised.
uhm, not necessarily.
The pinelock.csh script I wrote around 12/97 and posted to bugtraq
could kill syslogd if root opens up two sessions of pine.
It is a local exploit.
iconoclast () thepentagon com
- Re: Solaris 2.6 non-executable stacks, (continued)