Aucbvax.2950
fa.unix-wizards
utzoo!decvax!ucbvax!unix-wizards
Sat Sep 5 00:15:36 1981
Re: /usr/spool/mail
>From MathStat.jmrubin@Berkeley Sat Sep 5 00:05:05 1981
From csvax:unix-wizards Thu Sep 3 10:30:20 1981
Subject: Re: /usr/spool/mail
Newsgroups: fa.unix-wizards
>From menlo70!hao!woods@Berkeley Thu Sep 3 10:21:02 1981
Perhaps this is my ignorance showing through, but I don't see how
having /usr/spool/mail writable can allow you to become the super-user.
Perhaps you could illegally read other's mail, but...
P.S. Ours is not writable.
GREG (ucbvax!menlo70!hao!woods)
I believe what is being referred to is the following:
Suppose that /etc and /usr/spool/mail are on the same disk (which is
extremely likely.) Link /etc/passwd to somebody's mailbox. (remove
an empty one if necessary). Then, mail a line like:
abc::0:2::/:
to said mailbox. Now, % su abc
You're user id will be set to 0--you are root.
Of course, the first thing you will want to do is to remove as
much of the evidence that you can.
-----------------------------------------------------------------
gopher://quux.org/ conversion by John Goerzen <
[email protected]>
of
http://communication.ucsd.edu/A-News/
This Usenet Oldnews Archive
article may be copied and distributed freely, provided:
1. There is no money collected for the text(s) of the articles.
2. The following notice remains appended to each copy:
The Usenet Oldnews Archive: Compilation Copyright (C) 1981, 1996
Bruce Jones, Henry Spencer, David Wiseman.