Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!asuvax!ncar!elroy.jpl.nasa.gov!usc!nic.csu.net!csun!kithrup!sef
From: sef@kithrup.COM (Sean Eric Fagan)
Newsgroups: comp.unix.sysv386
Subject: Re: SECURITY BUG IN INTERACTIVE UNIX SYSV386
Keywords: BAD BUG
Message-ID: <1991Feb14.201602.21248@kithrup.COM>
Date: 14 Feb 91 20:16:02 GMT
References: <483@stephsf.stephsf.com> <1991Feb13.221259.1462@scuzzy.in-berlin.de>
Organization: Kithrup Enterprises, Ltd.
Lines: 13

In article <1991Feb13.221259.1462@scuzzy.in-berlin.de> src@scuzzy.in-berlin.de (Heiko Blume) writes:
>not exactly, for public access to my source archive i've set up
>a chroot() user that can't write anywhere, unhackable :-)

Sorry, that's not the case.  Once you've got root access, you can go through
and do lots of nasty things, including setting u.u_rdir to something useful,
like '/'.  Figuring out how to do so is left as an exercise for the reader.

-- 
Sean Eric Fagan  | "I made the universe, but please don't blame me for it;
sef@kithrup.COM  |  I had a bellyache at the time."
-----------------+           -- The Turtle (Stephen King, _It_)
Any opinions expressed are my own, and generally unpopular with others.
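
The reply above turns on one condition: a chroot() jail only confines a user who cannot become root inside it. The following is an added example, not part of either post, that audits a jail tree for the usual violations of that condition and of "can't write anywhere": setuid/setgid files, device nodes, world-writable paths, and paths owned by the jailed user. The names `classify` and `audit_jail` and the issue labels are assumptions made for this sketch.

```python
import os
import stat

def classify(mode, owner_uid, jail_uid=None):
    """Return the issues one inode (st_mode, st_uid) poses inside a chroot jail."""
    issues = []
    if stat.S_ISLNK(mode):
        return issues                        # symlink modes carry no permissions
    if stat.S_ISCHR(mode) or stat.S_ISBLK(mode):
        issues.append("device-node")         # raw device access from inside the jail
    if stat.S_ISREG(mode) and mode & (stat.S_ISUID | stat.S_ISGID):
        issues.append("setid-file")          # runs with another user's privileges
    if mode & stat.S_IWOTH:
        issues.append("world-writable")      # contradicts "can't write anywhere"
    if jail_uid is not None and owner_uid == jail_uid:
        issues.append("owned-by-jail-user")  # the owner can chmod it writable again
    return issues

def audit_jail(jail_root, jail_uid=None):
    """Walk the jail without following symlinks; return sorted (issue, relpath)."""
    paths = [jail_root]
    for dirpath, dirnames, filenames in os.walk(jail_root):
        paths.extend(os.path.join(dirpath, n) for n in dirnames + filenames)
    findings = []
    for path in paths:
        st = os.lstat(path)                  # lstat: never resolve links out of the jail
        rel = os.path.relpath(path, jail_root)
        findings.extend((i, rel) for i in classify(st.st_mode, st.st_uid, jail_uid))
    return sorted(findings)

if __name__ == "__main__":
    import tempfile
    # Constructed sample tree: one read-only directory, one world-writable one.
    with tempfile.TemporaryDirectory() as jail:
        for name, perm in (("pub", 0o755), ("incoming", 0o777)):
            os.mkdir(os.path.join(jail, name))
            os.chmod(os.path.join(jail, name), perm)
        for issue, rel in audit_jail(jail):
            print(f"{issue:20} {rel}")
```

An empty result says only that the tree itself offers no such path; it says nothing about kernel bugs or about services reachable from inside the jail.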