Bugtraq mailing list archives
Re: Troff dangerous.
From: beck () BOFH UCS UALBERTA CA (Bob Beck)
Date: Mon, 26 Jul 1999 17:09:14 -0600
(1) Root installs the malicious roff source unknowingly. (2) During the process of building/installing the program,
XXXXX
at which point the trojan horse does it dirty work.
s/XXXXX/configure runs some stuff/ s/XXXXX/Make runs some stuff/ s/XXXXX/shell runs som stuff/ s/XXXXX/some random evil program runs/ Yeah, a troff macro is a little obtuse for the younger generation, but so what? How many people who run those nifty gnu autoconf twiddlies do you think are checking beforehand what they are doing as root? At the risk of further flogging the sticky spot on the road that used to be a horse, this really shouldn't be a shocker to anyone on this list. Most anything you run as root can be made to own you by whoever can change it before you run it. -Bob
Current thread:
- Re: Troff dangerous., (continued)
- Re: Troff dangerous. Aaron Campbell (Jul 26)
- Re: Troff dangerous. Olaf Kirch (Jul 26)
- Re: Troff dangerous. Joel Eriksson (Jul 25)
- Re: Troff dangerous. Pete (Jul 25)
- Re: Troff dangerous. Robert Watson (Jul 27)
- Re: Troff dangerous. Yozo Toda (Jul 25)
- Re: Troff dangerous. Eric Moore (Jul 25)
- Re: Troff dangerous. Ville Nummela (Jul 27)
- Re: Troff dangerous. Pete (Jul 25)
- Re: Troff dangerous. Jason Thorpe (Jul 25)
- Retrieving RDS Data... Wanderley J. Abreu Jr (Jul 26)
- Re: Troff dangerous. Bob Beck (Jul 26)
- Re: Troff dangerous. Ronny Cook (Jul 25)
- Re: Troff dangerous. Steven M. Bellovin (Jul 26)
- Re: Troff dangerous. Groovy Pants Gus (Jul 26)