WARNING: SCO-Xenix game "hack", setuid root NO DANGER, OOOOPS

Rick Kelly rmk at rmkhome.UUCP
Mon Apr 22 05:42:00 AEST 1991


In article <1991Apr18.213843.18297 at odbffm.incom.de> oli at odbffm.incom.de (Oliver Boehmer) writes:
>In <1991Apr17.192850.10450 at odbffm.incom.de> oli at odbffm.incom.de (Oliver Boehmer) writes:
>
>>Hi!
>>When I recently went through the setuid-files on my system, I found that
>>/usr/games/lib/hackdir/hack (the actual nethack-program) is setuid-root.
>>This version is part of SCO-XENIX Games and was installed with these
>>permissions by the SCO-Utility custom.
>>HACK	x4511	root/root	1	./usr/games/lib/hackdir/hack	01
>>Hack allows shell escapes and I don't have to say what this means.
>
>>If it weren't so serious, I'd laugh about this. But isn't it the right
>>filename for something like that?
>
>>Anyway, it's about time you go through your setuid-files
>>	find / \( -perm -4000 -o -perm -6000 \) -print
>
>>oli
>
>Ooooops, I just found out that the permissions are reset before starting
>the shell, so that there is no potential danger.
>I'm sorry about this.
>But one thing I'd really like to know: Why the &/%$"&/ is hack setuid? 



I believe that the high score file belongs to root, and can only be read by
and written to by root.


Rick Kelly	rmk at rmkhome.UUCP	frog!rmkhome!rmk	rmk at frog.UUCP
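
The behaviour described in the quoted follow-up (privileges reset before the shell is started), sketched as an added example that is not part of the original thread and is not the code of hack or SCO. The function names `drop_privileges` and `shell_escape` are hypothetical, and a POSIX system with `/bin/sh` is assumed.

```c
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper: permanently return to the real uid/gid.
 * The group is dropped first, because once the uid is gone the process
 * may no longer be allowed to change its gid. Returns 0 on success. */
int drop_privileges(void)
{
    uid_t ruid = getuid();
    gid_t rgid = getgid();

    if (setgid(rgid) != 0 || setuid(ruid) != 0)
        return -1;
    if (geteuid() != ruid || getegid() != rgid)
        return -1;                 /* the drop did not take effect */
    /* For a non-root invoking user, regaining root must now fail. */
    if (ruid != 0 && setuid(0) == 0)
        return -1;
    return 0;
}

/* Hypothetical shell escape for a set-uid program: the child drops
 * privileges before exec. Returns the command's exit status, -1 on error. */
int shell_escape(const char *cmd)
{
    int status;
    pid_t pid = fork();

    if (pid < 0)
        return -1;
    if (pid == 0) {
        if (drop_privileges() != 0)
            _exit(126);            /* never exec with privilege intact */
        execl("/bin/sh", "sh", "-c", cmd, (char *)NULL);
        _exit(127);                /* exec failed */
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

int main(void)
{
    /* The child shell prints its effective uid, which equals the real uid. */
    return shell_escape("id -u") == 0 ? 0 : 1;
}
```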



More information about the Comp.unix.admin mailing list