From: joef@extro.ucc.su.OZ.AU (Joe Fool) Subject: Re: My First Post. Date: Fri, 28 Aug 1992 03:30:26 GMT
Linus.. we have eyes everywhere... [Found this in alt.hackers]
torvalds@klaava.Helsinki.FI (Linus Benedict Torvalds) writes:
>In article <BtJzvF.6Bx@mentor.cc.purdue.edu> devros@mentor.cc.purdue.edu (Devros) writes:
>>Well, Here goes....
>And on two /long/ lines..
>>ObHack: On the local SUN net, format a disk to SunOS and fdmount it.
>>Copy a shell to it and change permissions to setUID, setGID, and world
>>executable. Put the disk in a computer with a disk editor that you can
>>name the media type without a boot sector and find your UID on the disk,
>>changing it to a root uid. Mount it back onto the SUN and execute. I
>>haven't tried it, but theoretically you would get a setuid-root shell.
>"Theoretically" - if it indeed works, your sun setup isn't exactly
>secure. It's pretty easy to disallow suid programs, and I'd assume
>fdmount does exactly that, leaving you as badly off as you were from the
>beginning. Now if you had made the disk by doing a "cat > /dev/fd0",
>/that/ would be a hack (but it should still not work).
>Obhack: while debugging some weird VM bugs in the linux code, I used
> od -x /dev/kmem | less
>to find the problem. It worked too: it was a stray NULL pointer that
>corrupted the page directory. Who needs a kernel debugger anyway?
> Linus