ronald@ibmpcug.UUCP (Ronald Khoo) (07/08/89)
In article <1264@servax0.essex.ac.uk> peter@essex.ac.uk writes: > >No-one has come up with why it is setuid in the first place. Always puzzled me, that, especially since it's also a trojan that way. At least some versions of uudecode shipped setuid I have come across honour a four digit mode arg, so uuencoding and uudecoding the binary from the usual main() { execl("/bin/csh", "csh", (char *)0); } and altering the begin 755 to begin 4755 means giving L.sys away to all and sundry on systems where ~uucp/* is owned by uucp. This probably means *your* system. >Taking setuid off certainly fixes my problem. And the other one. :-) Moral: check all setuid programs, not just the ones setuid root. Don't you think that allowing anyone to fake being your computer to all your UUCP neighbours is as bad as any 'root' breach? -- Ronald.Khoo@ibmpcug.CO.UK (The IBM PC User Group, PO Box 360, Harrow HA1 4LQ) Path: ...!ukc!slxsys!ibmpcug!ronald Phone: +44-1-863 1191 Fax: +44-1-863 6095 Disclaimer: With my opinion of PCs, ibmpcug probably disclaims knowledge of me!