Path: utzoo!mnetor!tmsoft!torsqnt!news-server.csri.toronto.edu!bonnie.concordia.ca!thunder.mcrcim.mcgill.edu!snorkelwacker.mit.edu!spool.mu.edu!sdd.hp.com!uakari.primate.wisc.edu!crdgw1!sixhub!davidsen
From: davidsen@sixhub.UUCP (Wm E. Davidsen Jr)
Newsgroups: comp.unix.sysv386
Subject: Re: SECURITY BUG IN INTERACTIVE UNIX SYSV386
Keywords: BAD BUG
Message-ID: <3218@sixhub.UUCP>
Date: 18 Feb 91 03:34:34 GMT
References: <KR3NBQQ@dobag.in-berlin.de> <1991Feb12.085747.8468@specialix.co.uk> <27B93F44.5606@tct.uucp> <6027@unix386.Convergent.COM> <1991Feb15.134715.16979@virtech.uucp>
Reply-To: davidsen@sixhub.UUCP (bill davidsen)
Organization: *IX Public Access UNIX, Schenectady NY
Lines: 19

In article <1991Feb15.134715.16979@virtech.uucp> cpcahil@virtech.uucp (Conor P. Cahill) writes:

| 	2. I wholeheartly DISAGREE with you posting the source code which
| 	   performs the security bypass.  You could have just posted the
| 	   uuencoded binary which would have been enough to prove your point
| 	   without making it extremely easy for any two bit user to obtain
| 	   privileged access.  

  How is the uuencoded binary less dangerous than the source? Once you
can write the passwd and shadow files you can either make your login
root, change the root passwd, create a new root userid, etc.

  I don't see in this case what would have been gained by giving the
hacker a way to do it and not telling him how.
-- 
bill davidsen - davidsen@sixhub.uucp (uunet!crdgw1!sixhub!davidsen)
    sysop *IX BBS and Public Access UNIX
    moderator of comp.binaries.ibm.pc and 80386 mailing list
"Stupidity, like virtue, is its own reward" -me