Newsgroups: comp.unix.sysv386
Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!lavaca.uh.edu!menudo.uh.edu!sugar!ficc!peter
From: peter@ficc.ferranti.com (Peter da Silva)
Subject: Re: rlogin(1) security bug in ISC UNIX
Message-ID: <EX4AOX@xds13.ferranti.com>
Keywords: security, rlogin
Reply-To: peter@ficc.ferranti.com (Peter da Silva)
Organization: Xenix Support, FICC
References: <1991Mar19.014000.7582@virtech.uucp>
Date: Wed, 20 Mar 91 23:14:21 GMT

In article <1991Mar19.014000.7582@virtech.uucp> cpcahil@virtech.uucp (Conor P. Cahill) writes:
> There exists a bug in the rlogin daemon on ISC UNIX 2.2 which under
> certain conditions will allow a non-privileged user to become root.

We had the same problem in Intel V.3.2u. It doesn't exist in the latest
Intel. Yet another reason to dread getting kicked over to ISC.
-- 
Peter da Silva.  `-_-'  peter@ferranti.com
+1 713 274 5180.  'U`  "Have you hugged your wolf today?"