Re: LYNX-DEV VU#5135 (Lynx vulnerability?) (fwd)
From: Wayne Buttles
Subject: Re: LYNX-DEV VU#5135 (Lynx vulnerability?) (fwd)
Date: Fri, 27 Jun 1997 08:30:34 -0400 (EDT)
On Thu, 26 Jun 1997, Foteos Macrides wrote:
> >The second point of concern is the footnote regarding the gaining of root
> >access even though lynx was launched setuid to a different user. We aren't
> >sure how the service is launched at the site, but given other comments, we
> >thought you'd be interested to see the experiences of some other folks.
>
> How bad it is seems to be Unix flavor dependent, but in general
> cp appears to be the culprit, with poor error recovery.
I missed any mention of an anonymous lynx account giving out root shells.
Does anyone have a copy of that note they can send me?
I didn't think cp had anything to do with the error...it just happened to
be in the wrong place at the wrong time. 'cp foo ; /bin/sh' does in
fact mean you want to screw up the cp command and then start a shell.
Wayne
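
Added example, not part of the original message or of the Lynx source: a constructed C sketch of what the `;` in 'cp foo ; /bin/sh' does once a shell parses the line, next to a copy that passes each name as its own argument. It assumes the copy is issued through `system()`, which the thread does not show; the function names are hypothetical and the harmless `true` stands in for /bin/sh.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdio.h>
#include <stdlib.h>
#include <sys/wait.h>
#include <unistd.h>

struct result { int exit_code; int copied; };

/* Unsafe: /bin/sh parses the pasted name, so a ';' in it ends the cp command. */
static int copy_via_shell(const char *src, const char *dst) {
    char cmd[512];
    int n = snprintf(cmd, sizeof cmd, "cp %s %s", src, dst);
    if (n < 0 || (size_t)n >= sizeof cmd) return -1;
    int st = system(cmd);
    return (st != -1 && WIFEXITED(st)) ? WEXITSTATUS(st) : -1;
}

/* No shell involved: each name reaches cp as exactly one argv entry. */
static int copy_via_argv(const char *src, const char *dst) {
    int st;
    pid_t pid = fork();
    if (pid == 0) {
        execlp("cp", "cp", "--", src, dst, (char *)NULL);
        _exit(127); /* exec failed */
    }
    if (pid < 0 || waitpid(pid, &st, 0) < 0) return -1;
    return WIFEXITED(st) ? WEXITSTATUS(st) : -1;
}

/* Constructed input: a file named "foo ; true" (true stands in for /bin/sh). */
struct result demo(int use_shell) {
    struct result r = { -1, 0 };
    char dir[] = "/tmp/cpdemoXXXXXX", src[64], dst[64];
    if (!mkdtemp(dir)) return r;
    snprintf(src, sizeof src, "%s/foo ; true", dir);
    snprintf(dst, sizeof dst, "%s/out", dir);
    FILE *f = fopen(src, "w");
    if (f) { fputs("data\n", f); fclose(f); }
    r.exit_code = use_shell ? copy_via_shell(src, dst) : copy_via_argv(src, dst);
    r.copied = (access(dst, F_OK) == 0);
    unlink(src); unlink(dst); rmdir(dir);
    return r;
}

int main(void) {
    struct result s = demo(1), a = demo(0);
    printf("shell: exit=%d copied=%d\n", s.exit_code, s.copied);
    printf("argv:  exit=%d copied=%d\n", a.exit_code, a.copied);
    return 0;
}
```

In the shell variant cp fails for lack of a destination, the second command runs, and the caller sees that command's exit status although nothing was copied.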