Gord_Wait@mindlink.bc.ca (Gord Wait) (05/13/91)
On sun sparc os 4.1.1 there is a default mail alias called uudecode. Is this a useful thing? I can't get it to do anything but spit out error messages when I mail it uuencoded files. Any clues appreciated.

--
Gord Wait Member of Technical Staff ASIC Engineering SMOS Systems Vancouver Design Center Gord_Wait@mindlink.UUCP

tchrist@convex.COM (Tom Christiansen) (05/14/91)
From the keyboard of Gord_Wait@mindlink.bc.ca (Gord Wait):
:On sun sparc os 4.1.1 there is a default mail alias called uudecode. Is this a
:useful thing? I can't get it to do anything but spit out error messages when I
:mail it uuencoded files. Any clues appreciated.

It is usually more useful to a cracker than to you, as it usually allows him to overwrite daemon-writable files anywhere on the system, or to create setuid-daemon programs. Depending on your sendmail, it may even be worse than this. I suggest you expurgate it from your system in all due haste.

--tom
--
Tom Christiansen tchrist@convex.com convex!tchrist
"So much mail, so little time."

Gord_Wait@mindlink.bc.ca (Gord Wait) (05/15/91)
Well, what fun that was... It is lucky I don't read my mail on a unix machine.

After asking how to use the decode alias under sun4.1.1 sparc unix, I got a few mail replies saying more or less that the decode alias is a security hole. I also got one mail message from something or someone called abc@concert.net that contained ONLY a uuencoded file that looks like it was supposed to create a file called a /usr/lib/phase.o, and the hackers come running!

I think that sun may have fixed the decode problem, because I have tried to mail myself uuencoded files, and forwarded them to decode, but all that happens is a "permission denied" error. I have not decoded the file from abc@concert.net, so I don't know what is in it. In any case, the decode alias is toast.

(Hey, maybe if I install the file... I could try to catch the hacker... yeah! Then I could write a book about my experience... yeah... that's the ticket! I could call it... the... the trojans egg!!)

--
Gord Wait Member of Technical Staff ASIC Engineering SMOS Systems Vancouver Design Center Gord_Wait@mindlink.UUCP
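
Added example, not part of the original thread: a shell function that audits a sendmail aliases file for the kind of entry discussed above, an alias that pipes incoming mail into uudecode, and also lists every other alias that delivers to a program. The function names, the sample file contents and the `archive` alias are constructed for illustration; the aliases file path on a given system (commonly /etc/aliases) is an assumption.

```sh
#!/bin/sh
# Added example: list aliases that pipe mail into a program and mark
# the ones that run uudecode. Function names are hypothetical.

# find_pipe_aliases FILE -> lines of "FLAG<TAB>alias<TAB>command"
find_pipe_aliases() {
    awk '
    function flush(   idx, n, i, parts, name, rhs, t, flag) {
        if (entry == "") return
        idx = index(entry, ":")
        if (idx > 0) {
            name = substr(entry, 1, idx - 1)
            rhs = substr(entry, idx + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", name)
            # Targets are comma separated; a command containing a comma
            # would be split here, which is acceptable for an audit pass.
            n = split(rhs, parts, ",")
            for (i = 1; i <= n; i++) {
                t = parts[i]
                gsub(/^[ \t"]+|[ \t"]+$/, "", t)   # trim blanks and quotes
                if (substr(t, 1, 1) != "|") continue
                flag = (t ~ /(^[|][ \t]*|\/)uudecode([ \t]|$)/) ? "UUDECODE" : "PIPE"
                printf "%s\t%s\t%s\n", flag, name, t
            }
        }
        entry = ""
    }
    /^[ \t]*#/ || /^[ \t]*$/ { next }          # comments and blank lines
    /^[ \t]/ { entry = entry " " $0; next }    # continuation of previous alias
    { flush(); entry = $0 }                    # a new alias starts here
    END { flush() }
    ' "$1"
}

# Constructed sample aliases file (not taken from any real system).
write_sample_aliases() {
    cat > "$1" <<'EOF'
postmaster: root
decode: "|/usr/bin/uudecode"
uudecode: "| uudecode"
archive: "|/usr/local/bin/archiver -q",
    root
#old: "|/usr/bin/uudecode"
EOF
}

# Usage: sh audit_aliases.sh /etc/aliases
if [ "$#" -gt 0 ]; then
    find_pipe_aliases "$1"
fi
```

Entries marked UUDECODE are the ones to remove; after editing the file, the alias database has to be rebuilt (with `newaliases` on sendmail systems) for the removal to take effect.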