

Re: [linux-security] Announce: chkexploit 1.13 (fwd)



> On Tue, 16 Sep 1997, joost witteveen wrote:
> > > 	Hmmm... What about users being able to copy suid shells from other
> > > users to /tmp and use them from there? 
> > Nothing about that. Try it, and see the owner change:
> .... deleted ...

> 	Hmmm, let me explain better telling you a story. Imagine one has
> a script that other people use every day, one day He wants to get access to
> some accounts so, he adds lines like these to the script:
> 	
> 	cp /usr/bin/sh /tmp/.sh.`whoami`
> 	chmod 4555 /tmp/.sh.`whoami`


Uhm, "He" is able to change scripts that those users run? Then either:
 - He = root, in which case He doesn't need to go through all the trouble
   you describe above
 - He != root, and obviously He shouldn't be able to write to directories
   the users have in their paths. If a user explicitly adds a directory
   He can write to their path, that means those users trust Him.

There's nothing like a security bug in there, that problem will exist
on _every_ system (well, as long as one user is able to run scripts
created/owned by another user. But I'm sure that holds for just about
every system).


What you describe is more "social" engineering: trying to trick other users
into running unsafe commands. A popular way to do that is to put
commands like "sl" in /tmp, in the hope a user mistypes "ls" while
he's in /tmp, and has "." in their path. But that doesn't relate to
"debian security problems".

 
-- 
joost witteveen, joostje@debian.org
#!/usr/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj
$/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1
lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)
#what's this? see http://www.dcs.ex.ac.uk/~aba/rsa/
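The two conditions the reply turns on (a PATH entry that is "." or writable by other users, and a setuid shell copy left in a shared directory such as /tmp) can be checked with a small audit script. This is an added example, not code from the original thread or from Debian; it is plain POSIX sh and assumes nothing beyond `find` and the caller's `$PATH`.

```sh
#!/bin/sh
# Added example (not from the original thread): audit a PATH string for
# entries another user could plant commands in, and look for setuid/setgid
# files under a shared directory. Pure POSIX sh; runs as any user.

# List risky PATH entries, one per line, as "reason: entry".
# $1 is the PATH string to inspect (defaults to the caller's $PATH).
risky_path_entries() {
    rest="${1-$PATH}:"            # trailing ':' so a final empty field is seen
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        case "$entry" in
            ''|.)   # "" and "." both mean "the current directory"
                    printf 'current-directory: %s\n' "${entry:-(empty)}" ;;
            /*)     # absolute path: flag it only if other users can write into it
                    if [ -d "$entry" ] && [ -n "$(find "$entry" -prune -perm -0002)" ]; then
                        printf 'world-writable: %s\n' "$entry"
                    fi ;;
            *)      # relative path: resolves against whatever directory the user is in
                    printf 'relative: %s\n' "$entry" ;;
        esac
    done
}

# List regular files with the setuid or setgid bit set under directory $1.
setuid_files_under() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null
}

# Stand-alone run: report on the caller's PATH and on /tmp.
echo "== risky PATH entries =="
risky_path_entries
echo "== setuid/setgid files under /tmp =="
setuid_files_under /tmp
```

A finding from `setuid_files_under /tmp` is only meaningful if the file is owned by a user other than the one who would run it; as the reply notes, a user making a setuid copy of their own shell gains nothing.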

