|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
who
Paul Boehm (paul
BOEHM.ORG)Tue, 28 Jul 1998 20:27:21 +0200
- Messages sorted by: [ date ][ thread ][ subject ][ author ]
- Next message: Paul Boehm: "netscape mail overflow(another one)"
- Previous message: Chris Wedgwood: "Re: Fwd: Any user can panic OpenBSD machine"
Hi,
the 'who' program is on some systems in a privileged group
which is allowed to read utmp. On redhat linux 5.1 you can
easily crash who by many different ways (e.g. try who /bin/bash)
on freebsd you can use it to view parts of the content of files that
privileged group may read(try who /privileged/group/file).
this is no big deal with security, but gaining a more privileged group
sometimes may be the key to root compromise.
bye,
pb
--
[ Paul S. Boehm | paulboehm.priv.at | http://paul.boehm.org/ | infectedirc ]
Money is what gives a programmer his resources. It's an exchange system created
by human beings. It surrounds us. Works for us, binds the economy together.
- Next message: Paul Boehm: "netscape mail overflow(another one)"
- Previous message: Chris Wedgwood: "Re: Fwd: Any user can panic OpenBSD machine"