Aucbvax.2950 fa.unix-wizards utzoo!decvax!ucbvax!unix-wizards Sat Sep 5 00:15:36 1981 Re: /usr/spool/mail >From MathStat.jmrubin@Berkeley Sat Sep 5 00:05:05 1981 From csvax:unix-wizards Thu Sep 3 10:30:20 1981 Subject: Re: /usr/spool/mail Newsgroups: fa.unix-wizards >From menlo70!hao!woods@Berkeley Thu Sep 3 10:21:02 1981 Perhaps this is my ignorance showing through, but I don't see how having /usr/spool/mail writable can allow you to become the super-user. Perhaps you could illegally read other's mail, but... P.S. Ours is not writable. GREG (ucbvax!menlo70!hao!woods) I believe what is being referred to is the following: Suppose that /etc and /usr/spool/mail are on the same disk (which is extremely likely.) Link /etc/passwd to somebody's mailbox. (remove an empty one if necessary). Then, mail a line like: abc::0:2::/: to said mailbox. Now, % su abc You're user id will be set to 0--you are root. Of course, the first thing you will want to do is to remove as much of the evidence that you can. ----------------------------------------------------------------- gopher://quux.org/ conversion by John Goerzen of http://communication.ucsd.edu/A-News/ This Usenet Oldnews Archive article may be copied and distributed freely, provided: 1. There is no money collected for the text(s) of the articles. 2. The following notice remains appended to each copy: The Usenet Oldnews Archive: Compilation Copyright (C) 1981, 1996 Bruce Jones, Henry Spencer, David Wiseman.