Aucbvax.2950
fa.unix-wizards
utzoo!decvax!ucbvax!unix-wizards
Sat Sep  5 00:15:36 1981
Re: /usr/spool/mail
>From MathStat.jmrubin@Berkeley Sat Sep  5 00:05:05 1981
       From csvax:unix-wizards Thu Sep  3 10:30:20 1981
       Subject: Re: /usr/spool/mail
       Newsgroups: fa.unix-wizards
       >From menlo70!hao!woods@Berkeley Thu Sep  3 10:21:02 1981

         Perhaps this is my ignorance showing through, but I don't see how
       having /usr/spool/mail writable can allow you to become the super-user.
       Perhaps you could illegally read other's mail, but...

       P.S. Ours is not writable.

                    GREG (ucbvax!menlo70!hao!woods)




       I believe what is being referred to is the following:
Suppose that /etc and /usr/spool/mail are on the same disk (which is
extremely likely.)  Link /etc/passwd to somebody's mailbox.  (remove
an empty one if necessary).  Then, mail a line like:
abc::0:2::/:
to said mailbox. Now, % su abc
You're user id will be set to 0--you are root.
       Of course, the first thing you will want to do is to remove as
much of the evidence that you can.

-----------------------------------------------------------------
gopher://quux.org/ conversion by John Goerzen <[email protected]>
of http://communication.ucsd.edu/A-News/


This Usenet Oldnews Archive
article may be copied and distributed freely, provided:

1. There is no money collected for the text(s) of the articles.

2. The following notice remains appended to each copy:

The Usenet Oldnews Archive: Compilation Copyright (C) 1981, 1996
Bruce Jones, Henry Spencer, David Wiseman.

You are viewing proxied material from gopher.quux.org. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.