List: bugtraq
Subject: Re: digital unix 4.0 hole
From: Paul Szabo <szabo_p () MATHS ! SU ! OZ ! AU>
Date: 1997-11-21 6:40:09
[I sent this to bugtraq on 17 Nov, but maybe the moderator misplaced it...]

There are currently two threads of creating root-owned core files on dUNIX
machines. Tom Leffingwell <tom@sba.miami.edu> wrote:

> setenv DISPLAY abcdefghi
> /usr/bin/X11/xterm

and John McDonald <jmcdonal@OSPREY.UNF.EDU> suggested:

> If you run dbx (tested on 3.11.10) on a setuid root program ...

To avoid the problem of core file creation, Johan Danielsson
<joda@PDC.KTH.SE> said to patch /vmunix:

> # cp /vmunix /vmunix.save
> # dbx /vmunix
> (dbx) ((unsigned*)core+82)/1 i
> [core:5261, 0xfffffc000026ff48] and r1, r2, r1
> (dbx) patch *((unsigned*)core+82) = 0x203f0001
> [core:5261, 0xfffffc000026ff48] lda r1, 1(r31)
> (dbx) q
> # reboot

A colleague of mine suggests that, since /sbin/rc3.d starts anything a
user's process could be a descendant of, a simpler method might be to insert
one line into /sbin/rc3:

ulimit -h -c 0

This solution seems to work for me (passed my limited testing).

Paul Szabo - System Manager // School of Mathematics and Statistics
psz@maths.usyd.edu.au // University of Sydney, NSW 2006, Australia
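
A way to check the rc3 approach described in the message, as an added example that is not part of the original post: it zeroes the core-size limit in a stand-in for the start-up script, then has a descendant report whether it inherited the limit and whether it could raise it again. The function and macro names are hypothetical, and the code assumes the POSIX `setrlimit`/`getrlimit` interface rather than the shell's `ulimit` built-in.

```c
#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/resource.h>
#include <sys/wait.h>

#define INHERIT_HARD 1  /* descendant saw hard core limit 0 */
#define INHERIT_SOFT 2  /* descendant saw soft core limit 0 */
#define RAISE_DENIED 4  /* descendant could not raise the hard limit */

/* Runs in the descendant: inspect the inherited limit, then try to undo it. */
static int probe_descendant(void)
{
    struct rlimit rl, want = { 1024 * 1024, 1024 * 1024 };
    int flags = 0;
    if (getrlimit(RLIMIT_CORE, &rl) != 0) return 0;
    if (rl.rlim_max == 0) flags |= INHERIT_HARD;
    if (rl.rlim_cur == 0) flags |= INHERIT_SOFT;
    /* Raising a hard limit needs privilege; an ordinary user is refused. */
    if (setrlimit(RLIMIT_CORE, &want) != 0) flags |= RAISE_DENIED;
    return flags;
}

/* Stand-in for the start-up script: zero the limit, then spawn a descendant.
 * Runs in a forked child so the caller's own limits stay untouched.
 * Returns the descendant's flag mask (0 if a step failed), or -1 on error. */
int core_limit_check(void)
{
    struct rlimit zero = { 0, 0 };
    int status;
    pid_t gpid, pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        if (setrlimit(RLIMIT_CORE, &zero) != 0) _exit(0);
        gpid = fork();
        if (gpid < 0) _exit(0);
        if (gpid == 0) _exit(probe_descendant());
        if (waitpid(gpid, &status, 0) < 0 || !WIFEXITED(status)) _exit(0);
        _exit(WEXITSTATUS(status));
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status)) return -1;
    return WEXITSTATUS(status);
}

int main(void)
{
    int f = core_limit_check();
    if (f < 0) return 1;
    printf("hard=0:%d soft=0:%d raise-denied:%d\n", f & 1, (f >> 1) & 1, (f >> 2) & 1);
    return (f & INHERIT_HARD) ? 0 : 1;
}
```

Run it as an ordinary user: a process with root privilege is allowed to raise its hard limit again, so the raise-denied flag is only meaningful for unprivileged descendants.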