Problem in dxterm (ULTRIX)

Trevor Schroeder (tschroed@CHEETAH.WSC.EDU)
Thu, 26 Jun 1997 10:16:05 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Thomas H. Ptacek: "Re: [ADVISORY] 4.4BSD Securelevels"
Previous message: just me.: "Re: Solaris Ping bug (DoS)"

On ULTRIX 4.4 (most likely 4.5 as well), there's an enhanced xterm called
dxterm. Normally it's setuid (doh!). dxterm allows users to select a file to
log output to. It's a trivial matter to link this file to another file and
since dxterm is running as root, it's very easy to append arbitrary data to
any file on the filesystem, even if not owned by the particular user. It does
not seem to follow symlinks.

____________________________________________________________
"...because this little girl needs stuff."

Trevor Schroeder tschroed@cheetah.wsc.edu
------------------------------------------------------------

Next message: Thomas H. Ptacek: "Re: [ADVISORY] 4.4BSD Securelevels"
Previous message: just me.: "Re: Solaris Ping bug (DoS)"