Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!usc!snorkelwacker.mit.edu!bloom-beacon!eru!hagbard!sunic!mcsun!hp4nl!svin02!wsinis03!debra
From: debra@wsinis03.info.win.tue.nl (Paul de Bra)
Newsgroups: comp.unix.admin
Subject: Re: Possible security problem, need information...
Message-ID: <1832@svin02.info.win.tue.nl>
Date: 20 Mar 91 14:06:51 GMT
References: <1991Mar18.200957.166@gacvx2.gac.edu>
Sender: news@svin02.info.win.tue.nl
Reply-To: debra@info.win.tue.nl
Organization: Eindhoven University of Technology, The Netherlands
Lines: 15

In article <1991Mar18.200957.166@gacvx2.gac.edu> dan@gacvx2.gac.edu writes:
>Is there anything inherently evil giving world write access to the "root" (aka
>"/") directory on a BSD 4.3 UNIX system?  The exact permission with the command
>"ls -ld /" is "drwxrwxrwt".

Let's see, a user could:
- remove the kernel (/vmunix or /unix) so you cannot reboot after a crash
- mv /dev /somethingelse so all devices are unknown (inluding the tty's
  so noone can log on...)
- mv /etc /somethingelse and then mkdir /etc, create your own /etc/passwd...

Need any more hints?

Paul.
(debra@win.tue.nl, debra@research.att.com)