You'd have to be a fool to export /usr writable... but oftentimes I see filesystems mounted without "nosuid", so creating and subsequently executing a setuid-bin shell gives you the same result with no more effort.

I wonder if my outlook is mis-interpreting something; I meant to only respond to Mr. Forsman.

Andrew

> -----Original Message-----
> From: Robert Forsman [SMTP:thoth_at_nile.purplefrog.com]
> Sent: Thursday, August 05, 1999 9:40 AM
> To: codalist_at_TELEMANN.coda.cs.cmu.edu
> Subject: Re: install as root.root doesn't work on BSD systems
>
> Phil Nelson <phil_at_cs.wwu.edu>, in message
> <199908032156.OAA02193_at_fawn.cs.wwu.edu>, wrote:
>
> > Hi,
> >
> > The recent change to install as root.root doesn't work on BSD
> > systems. It should be bin.bin on unprivileged binaries.
>
> I remember somebody complaining about how NFS doesn't have bin-squashing, so
> if anyone were able to compromise a machine and get write access to
> remote:/usr, then you'd be pretty fucked. Of course, why would you
> write-export /usr?
>
> --
> Bob Forsman thoth_at_gainesville.fl.us
> http://www.gainesville.fl.us/~thoth/

Received on 1999-08-05 12:17:21
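An audit for the condition discussed in this thread (NFS filesystems mounted without "nosuid"), as an added example that is not part of the original messages. It assumes a mount table in the Linux /proc/mounts format; the function names, host names and sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: list NFS mounts that still honour setuid bits.
# Assumed input format (Linux /proc/mounts):
#   source mountpoint fstype options dump pass

# Constructed sample mount table, not taken from any real host.
sample_mounts() {
cat <<'EOF'
/dev/sda1 / ext4 rw,relatime 0 0
fileserver:/usr /usr nfs rw,relatime,vers=3,addr=192.0.2.10 0 0
fileserver:/home /home nfs4 rw,nosuid,nodev,relatime 0 0
fileserver:/export/tools /opt/tools nfs ro,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev 0 0
EOF
}

# Reads a mount table on stdin and prints one line per NFS mount
# lacking "nosuid": mountpoint<TAB>source<TAB>reason.
# A read-only client mount is still reported, because setuid bits set
# on the server side are honoured by the client unless nosuid is given.
audit_nfs_nosuid() {
    awk '
    $3 ~ /^nfs4?$/ {
        n = split($4, opts, ",")
        nosuid = 0; rw = 0
        for (i = 1; i <= n; i++) {
            if (opts[i] == "nosuid") nosuid = 1
            if (opts[i] == "rw")     rw = 1
        }
        if (!nosuid)
            printf "%s\t%s\t%s\n", $2, $1,
                   (rw ? "setuid honoured, mounted rw" \
                       : "setuid honoured, mounted ro")
    }'
}

# Usage on a live Linux host:
#   audit_nfs_nosuid < /proc/mounts
```

Each reported mount can be remounted with "nosuid" added to its options in /etc/fstab or the automounter map.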