OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Vuln-Dev Archives: Re: Unix * weirdness

Re: Unix * weirdness

Subject: Re: Unix * weirdness
From: Pierre Belanger (belangerRISQ.QC.CA)
Date: Sat Jan 01 2000 - 16:31:31 CST

| It took me a minute. It's taking the file named -proc and parsing as
| if it was a set of command line options. I guess this makes some
| sense.. I believe the shell just takes all the files and makes them all
| command-line parameters when you use *.
|
rm -R -- * will work.

From the man page :

  NOTES
       A -- permits the user to mark explicitly the end of any com-
       mand line options, allowing rm to recognize file arguments
       that begin with a -. As an aid to BSD migration, rm will
       accept - as a synonym for --. This migration aid may disap-
       pear in a future release. If a -- and a - both appear on
       the same command line, the second will be interpreted as a
       file.

| So, I wonder what other kinds of traps can be laid for the root
| user or cron jobs, etc... For example, here's a line from my
| S05RMTMPFILES in /etc/rc2.d dir, on a Solaris 2.6 machine.
| (Which is where this behavior was noticed):
|
| /usr/bin/rm -rf /tmp/*
|
Sun should put /usr/bin/rm -rf -- /tmp/*

The script will only rm if :

  # if /tmp or any of its subdirectories are mount points do not remove /tmp

Usually, /tmp is a mount point since Solaris 2.5 (???) so the script
shouldn't erase nothing unless you have an old operating system...
I wonder what the script looks like on a old SunOS box.

| So, if I can place an interestingly names file in /tmp
| (and anyone can) can I get interesting things to happen
| when the machine reboots.
|
I don't think so, well not with a few tests I did under Solaris 2.6.
Perhaps other/older OS?

Pierre B.

This archive was generated by hypermail 2b27 : Sat Jan 01 2000 - 19:13:48 CST