Path: utzoo!utgpu!attcan!uunet!lll-winken!lll-tis!helios.ee.lbl.gov!pasteur!agate!ucbvax!decwrl!labrea!polya!cayuga!andy
From: andy@cayuga.Stanford.EDU (Andy Freeman)
Newsgroups: comp.unix.questions
Subject: Re: The Wily Hacker
Keywords: Security
Message-ID: <3444@polya.Stanford.EDU>
Date: 29 Jul 88 06:52:13 GMT
References: <660@sunspot.UUCP>
Sender: news@polya.Stanford.EDU
Reply-To: andy@cayuga.Stanford.EDU (Andy Freeman)
Organization: Stanford University
Lines: 15

In article <660@sunspot.UUCP> cmiller@noao.UUCP (Charlie Miller) writes:
>	He also exploited a bug in the Gnu-Emacs editor:  using the
>built in mail system, allowing users to forward a file to another
>user, Emacs uses the UNIX set user ID root feature.  He used this
>program to put a shell script (to execute a root level) into the
>systems area that when executed would grant him system privileges.

The GNU Emacs installation instructions explicitly warn against making
those parts setupid root; they don't need root privs to work properly.
Software that is incorrectly installed often allows security failures,
but the installer, not the software, is to blame.

-andy
UUCP:  {arpa gateways, decwrl, uunet, rutgers}!polya.stanford.edu!andy
ARPA:  andy@polya.stanford.edu
(415) 329-1718/723-3088 home/cubicle