


Vulnerability Development: Re: BSD chfn bug

Re: BSD chfn bug

From: Michal Zalewski <lcamtuf_at_IDS.PL>
Date: Thu, 22 Jul 1999 06:41:04 +0200

On Sat, 25 Dec 1999, Stanislav N. Vardomskiy wrote:

>> At best you can get a file in /etc/ that is owned by yourself.

> This just *might* be a problem. I have been patching ssh lately,
> building and rebuilding it over and over again, and it seems that ssh
> can be affected by a number of files in /etc/, some of which are not
> present by default in all OSes. For instance, just doing a quick
> `strings` on /usr/local/sbin/sshd comes up with: /etc/environment
> /etc/sshrc that are not there by default in many OSes. At the same
> time when you build SSH, it links by default
> -DTIS_MAP_FILE=\"/etc/sshd_tis.map\"

Hey, people, what the hell are you talking about?! Please read previous
posts:

> When you run chfn (chfn/chsh/chpass is the same binary on FreeBSD),
> a temporary file in /etc/pw.???? will be touched, an external editor
> will be executed (env. variable $EDITOR) with the uid of the user
> running chfn. Edit your parameters, delete all characters on the last
> line in the editor (Other information: entry). After this, chfn will
> crash. No core dumped.

All you can get is a file in /etc/ owned by yourself, but this file is
named /etc/pw.XXXX, **NOT** /etc/sshrc, /etc/environment,
/etc/sshd_tis.map, or anything else - **NAMED** /etc/pw.XXXX. Until you
own whole /etc directory, or suddenly (*p00f*) it will become
world-writable, you cannot rename this file - it's always and always
/etc/pw.XXXX... So what is wrong with you, stop writing tons of 'what-ifs'
if you haven't tested your ideas at least on your own box ;P It's nothing
bad to make a mistake, but it's good to at least try before.

_______________________________________________________________________
Michal Zalewski [lcamtuf_at_ids.pl] [link / marchew] [dione.ids.pl SYSADM]
[Marchew Industries] ! [http://lcamtuf.na.export.pl] bash$ :(){ :|:&};:
[voice phone: +48 22 813 25 86] <=-=> [cellular phone: +48 501 4000 69]
To iterate is human, to recurse divine [P. Deutsch]
Received on Dec 27 1999
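
The point argued in the message above, as an added example that is not part of the original post: an audit helper that lists leftover pw.* temporary files not owned by a trusted uid and reports whether the file's owner could rename them, which depends on the directory's mode rather than on file ownership. The function name, the `pw.*` glob and the report fields are assumptions made for this illustration.

```python
import fnmatch
import os
import stat


def audit_pw_tempfiles(directory="/etc", pattern="pw.*", trusted_uids=frozenset({0})):
    """List leftover temp files not owned by a trusted uid and report whether
    each file's owner could rename it, which depends on the directory's mode."""
    dst = os.lstat(directory)
    world_writable = bool(dst.st_mode & stat.S_IWOTH)
    findings = []
    for name in sorted(os.listdir(directory)):
        if not fnmatch.fnmatch(name, pattern):
            continue
        st = os.lstat(os.path.join(directory, name))
        if st.st_uid in trusted_uids:
            continue
        # rename(2) needs write permission on the containing directory;
        # owning the file itself is not enough.
        owner_writes_dir = dst.st_uid == st.st_uid and bool(dst.st_mode & stat.S_IWUSR)
        findings.append({
            "name": name,
            "uid": st.st_uid,
            "owner_can_rename": owner_writes_dir or world_writable,
        })
    return {
        "dir_mode": oct(stat.S_IMODE(dst.st_mode)),
        "dir_world_writable": world_writable,
        # Group write is reported but not resolved against group membership.
        "dir_group_writable": bool(dst.st_mode & stat.S_IWGRP),
        "findings": findings,
    }


if __name__ == "__main__":
    report = audit_pw_tempfiles()
    print("directory mode:", report["dir_mode"])
    for f in report["findings"]:
        print(f"{f['name']}: uid={f['uid']} owner_can_rename={f['owner_can_rename']}")
```

On a normally configured system (/etc owned by root, mode 0755) any finding should show owner_can_rename=False; a True value means the directory permissions themselves need fixing.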
