Aucbvax.2952
fa.unix-wizards
utzoo!decvax!ucbvax!unix-wizards
Sat Sep 5 05:33:33 1981
Re: /usr/spool/mail
>From James.Gosling@CMU-10A Sat Sep 5 05:23:07 1981
If /usr/spool/mail is writable it's really easy to become super-user.
    1. copy the shell to the file /usr/spool/mail/root
    2. make it suid
    3. send mail to root
When the mail is sent to root the delivery program only appends the mail
to the mailbox and chowns the file to root.  *poof* you have a suid root
shell.  The easiest way to stop this is to not have /usr/spool/mail be
writable.
                                James.

-----------------------------------------------------------------
gopher://quux.org/ conversion by John Goerzen
of http://communication.ucsd.edu/A-News/

This Usenet Oldnews Archive article may be copied and distributed freely, provided:

1. There is no money collected for the text(s) of the articles.
2. The following notice remains appended to each copy:

The Usenet Oldnews Archive: Compilation Copyright (C) 1981, 1996 Bruce Jones, Henry Spencer, David Wiseman.
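
An audit for the condition the post describes, as an added example that is not part of the original article or the archive: it reports a world-writable spool directory and any set-id file inside it. The function name audit_spool and the finding labels are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original post).
# audit_spool DIR prints one finding per line.
# Returns 0 if clean, 1 if findings were printed, 2 if DIR is not a directory.
audit_spool() {
    dir=$1
    findings=0

    if [ ! -d "$dir" ]; then
        echo "ERROR: $dir is not a directory"
        return 2
    fi

    # A world-writable spool lets any user create a mailbox file under
    # another user's name before the delivery program touches it.
    # -prune restricts the test to the directory itself.
    if [ -n "$(find "$dir" -prune -perm -0002 -print)" ]; then
        echo "DIR_WORLD_WRITABLE: $dir"
        findings=1
    fi

    # Mailboxes are plain data files. A setuid or setgid bit on one is
    # the artifact left behind by the steps in the post.
    setid=$(find "$dir" -type f \( -perm -4000 -o -perm -2000 \) -print)
    if [ -n "$setid" ]; then
        printf '%s\n' "$setid" | sed 's/^/SETID_FILE: /'
        findings=1
    fi

    return "$findings"
}

# Usage: audit_spool /usr/spool/mail
```

A mode-1777 (sticky) spool is still reported, because the sticky bit does not stop a user from creating a mailbox file that does not exist yet.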