Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1994_2

Bugtraq archives for 2nd quarter (Apr-Jun) 1994: Re: automountd and Solaris 2.3

Re: automountd and Solaris 2.3

Jim Thompson (jimtadpole.com)
Thu, 5 May 94 11:06:04 CDT

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Richard Huddleston: "Re: automountd and Solaris 2.3"
Previous message: Richard Huddleston: "automountd and Solaris 2.3"
Maybe in reply to: Karyn Pichnarczyk: "automountd and Solaris 2.3"
Next in thread: Richard Huddleston: "Re: automountd and Solaris 2.3"

I'd bet that it doesn't mount the floppy (or CD) nosuid, so the
cracker can simply make-up a floppy with a filesystem containing
a passwordless version of 'su'.

but I'm just guessing.

Jim

Next message: Richard Huddleston: "Re: automountd and Solaris 2.3"
Previous message: Richard Huddleston: "automountd and Solaris 2.3"
Maybe in reply to: Karyn Pichnarczyk: "automountd and Solaris 2.3"
Next in thread: Richard Huddleston: "Re: automountd and Solaris 2.3"