Ultrix x.x /etc/rc.local security holes via /tmp/t1
Brendan Kehoe
brendan at cs.widener.edu
Fri Mar 1 00:19:38 AEST 1991
In <1991Feb28.083356.6769 at watcgl.waterloo.edu>, idallen at watcgl.waterloo.edu writes:
>On Ultrix (any version), if you happen to have directories named
>/tmp/t1 or /tmp/t2, all kinds of nasty things will happen to your
>/etc/motd and /etc/gettytab because /etc/rc.local assumes it can write
>to these tmp names as files, and it edits the contents into your
>/etc/motd and /etc/gettytab.
Suns have the same problem; just change the /tmp/t1 and /tmp/t2
names to /etc/t1 and /etc/t2 -- since rc.local's run as root, you'll
be fine.
--
Brendan Kehoe - Widener Sun Network Manager - brendan at cs.widener.edu
Widener University in Chester, PA A Bloody Sun-Dec War Zone
More information about the Comp.unix.ultrix
mailing list