Path: utzoo!mnetor!uunet!mcvax!mhres!jv
From: jv@mhres.mh.nl (Johan Vromans)
Newsgroups: comp.bugs.sys5
Subject: Re: A security hole
Message-ID: <1696@mhres.mh.nl>
Date: 24 Mar 88 11:35:59 GMT
References: <181@wsccs.UUCP> <722@rivm05.UUCP> <478@minya.UUCP> <892@cosmo.UUCP> <175@pcsbst.UUCP> <544@fig.bbn.com>
Reply-To: jv@mh.nl (Johan Vromans)
Organization: Multihouse N.V., The Netherlands
Lines: 28
Summary: does it work

In article <544@fig.bbn.com> rsalz@bbn.com (Rich Salz) writes:
>Every single program that is subject to the "IFS" trick can be
>protected by writing a wrapper that sets the environment properly,
>then calls the real program.

I tried to replace "/bin/sh" this way, and although everything seemed to
work great, eventually I found out that all my outbound news was being
rejected with an "inews: inbound news is garbled" on the remote machines.
Didn't have the time to track down the problem, so my system is insecure
again.

Any suggestions?

#---------------- sh.c ----------------
main (argc, argv)
int argc;
char *argv[];
{
  putenv ("IFS=\" \t\n\"");
  execv ("/bin/SH", argv);
  return -1;
}
#---------------- ----------------

-- 
Johan Vromans                              | jv@mh.nl via European backbone
Multihouse N.V., Gouda, the Netherlands    | uucp: ..{uunet!}mcvax!mh.nl!jv
"It is better to light a candle than to curse the darkness"
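An added example, not part of the original post and not the poster's code: the wrapper idea from the quoted text, written for a current POSIX C compiler. The C string in the posted sh.c, "IFS=\" \t\n\"", puts literal double-quote characters into the value, because putenv() applies no shell quoting; this version sets exactly space, tab, newline and checks the result before exec. REAL_SHELL follows the post's /bin/SH; the function names are illustrative assumptions.

```c
#define _XOPEN_SOURCE 600   /* for setenv() under strict compiler modes */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Assumption: the real shell was renamed to this path, as in the post. */
#define REAL_SHELL "/bin/SH"

/* Default field separators: space, tab, newline. No quote characters. */
static const char SAFE_IFS[] = " \t\n";

/* Return 1 if value is exactly space, tab, newline; 0 otherwise. */
int ifs_is_default(const char *value)
{
    return value != NULL && strcmp(value, SAFE_IFS) == 0;
}

/* Overwrite any inherited IFS. Returns 0 on success, -1 on failure. */
int reset_ifs(void)
{
    /* setenv() copies the bytes as given; shell-style quotes written
       here would become part of the value, so none are used. */
    return setenv("IFS", SAFE_IFS, 1);
}

int main(int argc, char *argv[])
{
    (void)argc;

    /* Fail closed: never start the shell with an unverified IFS. */
    if (reset_ifs() != 0 || !ifs_is_default(getenv("IFS"))) {
        fprintf(stderr, "sh wrapper: cannot reset IFS\n");
        return 127;
    }

    /* argv is passed through unchanged, so argv[0] stays as the caller
       set it (for example "-sh" for a login shell). */
    execv(REAL_SHELL, argv);

    /* Reached only if execv() failed. */
    perror(REAL_SHELL);
    return 127;
}
```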