Path: utzoo!attcan!uunet!ncrlnk!ncr-sd!hp-sdd!hplabs!decwrl!purdue!mailrus!nrl-cmf!cmcl2!adm!xadmx!rbj@nav.icst.nbs.gov
From: rbj@nav.icst.nbs.gov (Root Boy Jim)
Newsgroups: comp.unix.wizards
Subject: Crackers and Worms
Message-ID: <17570@adm.BRL.MIL>
Date: 17 Nov 88 16:17:21 GMT
Sender: news@adm.BRL.MIL
Lines: 23

? From: Rahul Dhesi
? Date: 12 Nov 88 20:46:57 GMT
? Keywords: bug reality

? In article <14505@mimsy.UUCP> chris@mimsy.UUCP (Chris Torek) writes:
? >Actually, you get a `daemon' shell---not as bad, but, as Keith put it,
? >`not my idea of a good time'.

? But at's jobs to be executed are owned by daemon, so isn't being daemon
? just a trivial step away from being root? Somebody mentioned this
? earlier and nobody contradicted him.
? --
? Rahul Dhesi UUCP: !{iuvax,pur-ee}!bsu-cs!dhesi

So who uses `at'? Maybe you like batch? On our sun, a daemon user could
tamper with the line printer queues and delete all the log files.
Perhaps worst of all is that /usr/etc/in.syslog is writable by daemon.
I'm sure there are other holes.

	(Root Boy) Jim Cottrell
	(301) 975-5688 or
	Crackers and Works -- Breakfast of Champions!
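Added example, not part of the original post: a defender-side audit for the condition discussed above, listing files under a tree that a given non-root account (such as daemon) could modify directly or replace through a writable directory. The function names and the sample tree are constructed for illustration; only the file name in.syslog is borrowed from the post.

```python
import os
import stat
import tempfile

def can_write(st, uid, gids=()):
    """Mode-bit write check for one account (ACLs and root override ignored)."""
    if st.st_uid == uid:                      # owner class wins, even if stricter
        return bool(st.st_mode & stat.S_IWUSR)
    if st.st_gid in gids:
        return bool(st.st_mode & stat.S_IWGRP)
    return bool(st.st_mode & stat.S_IWOTH)

def audit(root, uid, gids=()):
    """Return sorted (relative path, reason) pairs the account could alter."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        d = os.lstat(dirpath)
        # Write access to a directory allows replacing its entries, unless the
        # sticky bit limits that to the owner of the entry or of the directory.
        dir_ok = can_write(d, uid, gids)
        sticky = bool(d.st_mode & stat.S_ISVTX)
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            rel = os.path.relpath(path, root)
            if stat.S_ISREG(st.st_mode) and can_write(st, uid, gids):
                findings.append((rel, "file writable"))
            elif dir_ok and (not sticky or uid in (st.st_uid, d.st_uid)):
                findings.append((rel, "replaceable via directory"))
    return sorted(findings)

def build_sample_tree(base):
    """Constructed sample: etc/ is tight, spool/ is open to everyone."""
    for sub, dmode, fname, fmode in [
        ("etc", 0o755, "in.syslog", 0o755),      # only the owner may modify
        ("etc", 0o755, "loose.conf", 0o666),     # world-writable file
        ("spool", 0o777, "job1", 0o600),         # private file, open directory
    ]:
        d = os.path.join(base, sub)
        os.makedirs(d, exist_ok=True)
        p = os.path.join(d, fname)
        open(p, "w").close()
        os.chmod(p, fmode)
        os.chmod(d, dmode)
    return base

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(audit(build_sample_tree(tmp), os.getuid() + 1))
```

On a real system, pass the uid and group ids of the account being reviewed and point `audit` at the directories root runs programs or jobs from; the check does not walk up to ancestors of the starting directory.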