Bugtraq mailing list archives
Re: Patch to prevent setuid bash shells
From: root () RYANSPC COM (Ryan Veety)
Date: Tue, 2 Jun 1998 11:32:22 -0400
I am the one that wrote the patch. I don't know why Aleph showed up as the sender... It is mostly intended as a trap, for those who use shrink-wrapped scripts and don't really understand how they work. Of course it does not secure the system, but it warns the administrator if anyone attempts a setuid shell, and doesn't give the offender another chance by rejecting future logins. Ryan On Mon, 1 Jun 1998, Aleph One wrote:
Notice I did not write or post the patch. For some reason LISTSERV decided to put me in the from header. Aleph One / aleph1 () dfw net http://underground.org/ KeyID 1024/948FD6B5 Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01
Current thread:
- Patch to prevent setuid bash shells aleph1 () NATIONWIDE NET (May 30)
- <Possible follow-ups>
- Re: Patch to prevent setuid bash shells Niall Smart (Jun 01)
- Re: Patch to prevent setuid bash shells Aleph One (Jun 01)
- Clarification Niall Smart (Jun 02)
- Re: Patch to prevent setuid bash shells Ryan Veety (Jun 02)
- PPTP Vulnerability Aleph One (Jun 02)
- Re: Patch to prevent setuid bash shells Aleph One (Jun 01)