Ultrix x.x /etc/rc.local security holes via /tmp/t1
John Haxby
jch at dyfed.rdg.dec.com
Fri Mar 1 20:34:35 AEST 1991
You don't actually need these temporary files
at all. I got fed up of waiting for the edit on reboot
so I re-wrote it to look like this:
------------------------------
VERSION=`echo version\?s |
adb /vmunix - |
sed -e 1d -e 's/_version:[ \t]*//'` 2>&1 > /dev/console
if [ "$VERSION" != "" ]
then echo $VERSION
echo -n 'update /etc/motd ...'
mv /etc/motd /etc/motd.BAK
(echo $VERSION; grep -v ULTRIX /etc/motd.BAK) > /etc/motd
echo -n ' update /etc/gettytab ...'
VERSION=`echo $VERSION | sed 's/System.*//'`
(echo '/^ULTRIX.*/s//'"$VERSION"'\\'; echo w) |
ed /etc/gettytab > /dev/null
echo ' done.'
fi 2>&1 >/dev/console
---------------
(The \t is a tab). I suspect a similar thing could be done for
a mips machine (that doesn't have adb); although you could
always go back and use the slow `strings' it needs be.
--
John Haxby, Definitively Wrong.
Digital <jch at wessex.rdg.dec.com>
Reading, England <...!ukc!wessex!jch>
More information about the Comp.unix.ultrix
mailing list