Bugtraq mailing list archives
Re: Little exploit for startup scripts (SCO 5.0.4p).
From: rosmo () sektori com (Taneli Leppä)
Date: Mon, 8 Mar 1999 18:37:45 +0200
On Mon, 8 Mar 1999 08:43:15 +0100, Peter van Dijk wrote:
No. rm -f removes just the symlink, not the target file.
Actually the script won't delete any script, instead it will overwrite any file: # S84rpcinit: # ... # /bin/su root -c "/bin/ps -ef" > /tmp/rpc$$ 2>/tmp/rpc.err$$ # /bin/rm -f /tmp/rpc.err$$ Now if /tmp/rpc$$ was symlinked to another file, it would be overwritten with output from /bin/ps... right? :-) Regards, Taneli -- | Taneli Leppä <rosmo () sektori com>, <http://www.rosmo.sektori.com> | GSM: +358505485242 - Tärkeimmät uutiset: http://uutiset.icon.fi
Current thread:
- Re: Linux /usr/bin/gnuplot overflow -- SuSE hasnt fixed lsof, (continued)
- Re: Linux /usr/bin/gnuplot overflow -- SuSE hasnt fixed lsof Mario Lorenz (Mar 05)
- Update to Microsoft Security Bulletin (MS99-006) aleph1 () UNDERGROUND ORG (Mar 05)
- More Internet Explorer zone confusion Jim Paris (Mar 05)
- Re: More Internet Explorer zone confusion Walt Armour (Mar 08)
- Re: More Internet Explorer zone confusion Jeremy Nimmer (Mar 08)
- Re: More Internet Explorer zone confusion Jim Paris (Mar 08)
- ISAPI Extension vulnerability allows to execute code as SYSTEM Aleph One (Mar 08)
- Re: More Internet Explorer zone confusion David E. Smith (Mar 08)
- Little exploit for startup scripts (SCO 5.0.4p). leshka (Mar 07)
- Re: Little exploit for startup scripts (SCO 5.0.4p). Peter van Dijk (Mar 07)
- Re: Little exploit for startup scripts (SCO 5.0.4p). Taneli Leppä (Mar 08)
- Call for Papers: CQRE Detlef Hühnlein (Mar 08)
- Re: Little exploit for startup scripts (SCO 5.0.4p). Jon Coyle (Mar 08)